PCNSE Exam Questions
860 real PCNSE exam questions with expert-verified answers and explanations. Page 1 of 18.
- Question #1Deploy and Configure
A company.com wants to enable Application Override. Given the following screenshot: Which two statements are true if Source and Destination traffic match the Application Override p...
Application OverrideApp-IDContent-IDSecurity Policies - Question #2Operate
Which three fields can be included in a pcap filter? (Choose three)
Packet CapturePcap FiltersNetworkingTroubleshooting Tools - Question #3Operate
What are three possible verdicts that WildFire can provide for an analyzed sample? (Choose three)
WildFire verdictsThreat analysisMalware classification - Question #4Plan
A logging infrastructure may need to handle more than 10,000 logs per second. Which two options support a dedicated log collector function? (Choose two)
Panorama M-seriesLog CollectionLogging PerformanceAppliance Sizing - Question #5Deploy and Configure
What are three valid method of user mapping? (Choose three)
User MappingUser-IDIdentity ManagementFirewall Features - Question #6Configuration Troubleshooting
A host attached to ethernet1/3 cannot access the internet. The default gateway is attached to ethernet1/4. After troubleshooting. It is determined that traffic cannot pass from the...
Palo Alto Interface ModesNetwork TroubleshootingLayer 2/3 NetworkingTraffic Forwarding - Question #7Operate
The IT department has received complaints abou VoIP call jitter when the sales staff is making or receiving calls. QoS is enabled on all firewall interfaces, but there is no QoS po...
Application Command Center (ACC)Real-time monitoringBandwidth monitoringApplication visibility - Question #8Operate
A network security engineer is asked to provide a report on bandwidth usage. Which tab in the ACC provides the information needed to create the report?
ACCMonitoringReportingBandwidth Usage - Question #9Operate
Which three options does the WF-500 appliance support for local analysis? (Choose three)
WF-500WildFireMalware AnalysisFile Type Analysis - Question #10Deploy and Configure
Company.com has an in-house application that the Palo Alto Networks device doesn't identify correctly. A Threat Management Team member has mentioned that this in-house application...
Custom ApplicationsApp-IDContent-IDTraffic Identification - Question #11Configuration Troubleshooting
After pushing a security policy from Panorama to a PA-3020 firewall, the firewall administrator notices that traffic logs from the PA-3020 are not appearing in Panorama's traffic l...
LoggingLog Forwarding ProfilePanoramaConfiguration Troubleshooting - Question #12Operate
A critical US-CERT notification is published regarding a newly discovered botnet. The malware is very evasive and is not reliably detected by endpoint antivirus software. Furthermo...
Botnet DetectionAnti-SpywareDNS SinkholeThreat Prevention Profiles - Question #13Deploy and Configure
Which two statements are correct for the out-of-box configuration for Palo Alto Networks NGFWs? (Choose two)
Default ConfigurationInitial SetupManagement InterfaceVirtual Wire - Question #14Deploy and Configure
A network security engineer is asked to perform a Return Merchandise Authorization (RMA) on a firewall Which part of files needs to be imported back into the replacement firewall t...
RMA processLicensingPanorama managementDevice replacement - Question #15Configuration Troubleshooting
A network engineer has revived a report of problems reaching 98.139.183.24 through vr1 on the firewall. The routing table on this firewall is extensive and complex. Which CLI comma...
Routing TroubleshootingCLI DiagnosticsVirtual RoutersFIB Lookup - Question #16Deploy and Configure
Which two mechanisms help prevent a spilt brain scenario an Active/Passive High Availability (HA) pair? (Choose two)
High AvailabilitySplit-brain preventionHA linksInterface configuration - Question #17Deploy and Configure
What are three valid actions in a File Blocking Profile? (Choose three)
File BlockingSecurity ProfilesFirewall Configuration - Question #18Configuration Troubleshooting
An Administrator is configuring an IPSec VPN toa Cisco ASA at the administrator's home and experiencing issues completing the connection. The following is th output from the comman...
IPSec VPNVPN TroubleshootingNetwork AddressingFirewall Configuration - Question #19Deploy and Configure
Which interface configuration will accept specific VLAN IDs?
VLANsSubinterfacesInterface ConfigurationNetwork Interfaces - Question #20Core Concepts
Palo Alto Networks maintains a dynamic database of malicious domains. Which two Security Platform components use this database to prevent threats? (Choose two)
URL FilteringDNS SecurityThreat PreventionMalicious Domains - Question #21Deploy and Configure
Which two methods can be used to mitigate resource exhaustion of an application server? (Choose two)
DoS PreventionResource ExhaustionZone ProtectionSecurity Profiles - Question #22Configuration Troubleshooting
A host attached to Ethernet 1/4 cannot ping the default gateway. The widget on the dashboard shows Ethernet 1/1 and Ethernet 1/4 to be green. The IP address of Ethernet 1/1 is 192....
Security ZonesInterface ConfigurationConnectivity TroubleshootingPalo Alto Firewall Basics - Question #23Configuration Troubleshooting
A VPN connection is set up between Site-A and Site-B, but no traffic is passing in the system log of Site-A, there is an event logged as like-nego-p1-fail-psk. What action will bri...
VPN TroubleshootingIKE Phase 1Pre-shared KeyLog Analysis - Question #24Configuration Troubleshooting
A firewall administrator is troubleshooting problems with traffic passing through the Palo Alto Networks firewall. Which method shows the global counters associated with the traffi...
TroubleshootingCLI CommandsGlobal CountersPacket Filters - Question #25Configuration Troubleshooting
A network security engineer has been asked to analyze Wildfire activity. However, the Wildfire Submissions item is not visible form the Monitor tab. What could cause this condition...
WildFireUser PermissionsRBACMonitor Tab - Question #26Plan
Which Palo Alto Networks VM-Series firewall is supported for VMware NSX?
VM-Series FirewallVMware NSXProduct CompatibilityVirtual Firewalls - Question #27Deploy and Configure
A client is deploying a pair of PA-5000 series firewalls using High Availability (HA) in Active/Passive mode. Which statement is true about this deployment?
High Availability (HA)Active/Passive HAHA ConfigurationManagement Port - Question #28Core Concepts
What must be used in Security Policy Rule that contain addresses where NAT policy applies?
NAT PolicySecurity PolicyTraffic FlowPre-NAT / Post-NAT - Question #29Operate
A company has a policy that denies all applications it classifies as bad and permits only application it classifies as good. The firewall administrator created the following securi...
Security Policy ManagementLogging and ReportingApp-IDOperational Visibility - Question #30Deploy and Configure
How are IPV6 DNS queries configured to user interface ethernet1/3?
DNS ConfigurationIPv6Service RoutesManagement Services - Question #31Operate
A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens thousands of bogus UDP connections per second to a single destination...
DoS ProtectionNTP AmplificationUDP FloodSecurity Mitigation - Question #32Deploy and Configure
Which Security Policy Rule configuration option disables antivirus and anti-spyware scanning of server-to-client flows only?
Security PolicyThreat PreventionServer Response Inspection - Question #33Deploy and Configure
Which three options are available when creating a security profile? (Choose three)
Security ProfilesPalo Alto Firewall FeaturesURL FilteringFile Blocking - Question #34Deploy and Configure
Given the following table. Which configuration change on the firewall would cause it to use 10.66.24.88 as the next hop for the 192.168.93.0/30 network?
Routing ProtocolsAdministrative DistanceOSPFPath Selection - Question #35Deploy and Configure
A company hosts a publically accessible web server behind a Palo Alto Networks next generation firewall with the following configuration information. - Users outside the company ar...
NATDestination NATSecurity ZonesPalo Alto Networks - Question #36Deploy and Configure
Which two interface types can be used when configuring GlobalProtect Portal?(Choose two)
GlobalProtectInterface TypesPortal Configuration - Question #37Configuration Troubleshooting
What can missing SSL packets when performing a packet capture on dataplane interfaces?
Packet CaptureDataplaneHardware OffloadingSSL Processing - Question #38Operate
A network Administrator needs to view the default action for a specific spyware signature. The administrator follows the tabs and menus through Objects> Security Profiles> Anti- Sp...
Anti-Spyware ProfilesSecurity ProfilesSignature ActionsGUI Navigation - Question #39Operate
How does Panorama handle incoming logs when it reaches the maximum storage capacity?
Panorama Log ManagementLog Storage PolicyLog Retention - Question #40Core Concepts
Which three function are found on the dataplane of a PA-5050? (Choose three)
DataplaneFirewall ArchitectureNetwork FunctionsThreat Prevention - Question #41Deploy and Configure
How is the Forward Untrust Certificate used?
SSL DecryptionForward ProxyCertificatesSecurity Zones - Question #42Configuration Troubleshooting
A firewall administrator has completed most of the steps required to provision a standalone Palo Alto Networks Next-Generation Firewall. As a final step, the administrator wants to...
CLI CommandsSecurity PolicyPolicy TestingTroubleshooting Tools - Question #43Deploy and Configure
The web server is configured to listen for HTTP traffic on port 8080. The clients access the web server using the IP address 1.1.1.100 on TCP Port 80. The destination NAT rule is c...
Destination NATSecurity PolicyFirewall ZonesPacket Flow - Question #44Operate
A company has a pair of Palo Alto Networks firewalls configured as an Acitve/Passive High Availability (HA) pair. What allows the firewall administrator to determine the last date...
High AvailabilitySystem LogsMonitoringLog Filtering - Question #45Deploy and Configure
A network administrator uses Panorama to push security polices to managed firewalls at branch offices. Which policy type should be configured on Panorama if the administrators at t...
PanoramaPolicy HierarchySecurity RulesRule Processing Order - Question #46Core Concepts
Which client software can be used to connect remote Linux client into a Palo Alto Networks Infrastructure without sacrificing the ability to scan traffic and protect against threat...
GlobalProtectRemote Access VPNLinux ClientEndpoint Security - Question #47Configuration Troubleshooting
Only two Trust to Untrust allow rules have been created in the Security policy - Rule1 allows google-base - Rule2 allows youtube-base The youtube-base App-ID depends on google-base...
Security PolicyApp-IDDNSTroubleshooting - Question #48Deploy and Configure
The GlobalProtect Portal interface and IP address have been configured. Which other value needs to be defined to complete the network settings configuration of GlobalPortect Portal...
GlobalProtectPortal ConfigurationServer Certificate - Question #49Configuration Troubleshooting
Which command can be used to validate a Captive Portal policy?
Captive PortalPolicy TestingAuthentication PolicyCLI Commands - Question #50Operate
A company is upgrading its existing Palo Alto Networks firewall from version 7.0.1 to 7.0.4. Which three methods can the firewall administrator use to install PAN-OS 7.0.4 across t...
PAN-OS UpgradeFirewall ManagementSoftware InstallationPanorama