Questions for the PCNSC were updated on : Nov 29 ,2024
Which three authentication faction factors does PAN-OS® software support for MFA? (Choose three.)
A B D
A speed/duplex negotiation mismatch is between the Palo Alto Networks management port and the switch it connect.
How would an administrator configure the interface to IGbps?
D
An administrator sees several inbound sessions identified as unknown tcp in the Traffic logs. The administrator determines
that these sessions are from external users accessing the companys propriety accounting application. The administrator
wants to reliability identity this as their accounting application and to scan this traffic for threats.
Which option would achieve this result?
A
A Company needs to preconfigured firewalls to be sent to remote sites with the least amount of preconfiguration. Once
deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional
data centers.
Which VPN configuration would adapt to changes when deployed to Hie future site?
A
An administrator has users accessing network resources through Citrix XenApp 7 .x. Which User-ID mapping solution will
map multiple mat who using Citrix to connect to the network and access resources?
C
An administrator wants multiple web servers in the DMZ to receive connections from the internet. Traffic destined for
206.15.22.9 port 80/TCP needs to be forwarded to the server at 10 1.22
Based on the information shown in the age, which NAT rule will forward web-browsing traffic correctly?
A)
B)
C)
D)
A
Refer to the exhibit.
A web server in the DMZ is being mapped to a public address through DNAT. Which Security policy rule will allow traffic to
flow to the web server?
B
Which feature can be configured on VM-Series firewalls'?
C
A web server is hosted in the DMZ and the server re configured to listen for income connections on TCP port
443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-
browsing access. The web server host its contents over Traffic from Trust to DMZ is being decrypted with a Forward Proxy
rule.
Which combination of service and application, and order of Security policy rules needs to be configured to allow cleaned
web-browsing traffic to the server on tcp/443?
C
VPN traffic intended for an administrator's Palo Alto Networks NGfW is being maliciously intercepted and retransmitted by
the interceptor. When Creating a VPN tunnel, which protection profile cm be enabled to prevent this malicious behavior?
A
A session in the Traffic log is reporting the application as "incomplete
What does "incomplete" mean?
A
An administrator has enabled OSPF on a virtual router on the NGFW OSPF is not adding new routes to the virtual router.
Which two options enable the administrator top troubleshoot this issue? (Choose two.)
B D
An organization has Palo Alto Networks MGfWs that send logs to remote monitoring and security management platforms.
The network team has report has excessive traffic on the corporate WAN. How could the Palo Alto Networks NOFW
administrator reduce WAN traffic while maintaining support for all the existing monitoring/security platforms?
A
A Palo Alto Networks NGFW just submitted a file lo WildFire tor analysis Assume a 5-minute window for analysis. The
firewall is configured to check for verdicts every 5 minutes.
How quickly will the firewall receive back a verdict?
B
Winch three steps will reduce the CPU utilization on the management plane? (Choose three. ) Disable logging at session
start in Security policies.
A B C