nerdexam
Palo_Alto_Networks

PCNSE6 · Question #146

PCNSE6 Question #146: Real Exam Question with Answer & Explanation

The correct answer is B. Validating that UDP port 53 packets are not being used to tunnel data for another protocol C. Identifying unauthorized applications that attempt to connect over non-standard ports D. Allowing a packet through from an external DNS server only if an internal host recently queried. See the full explanation below for the reasoning.

Question

Which three inspections can be performed with a next-generation firewall but NOT with a legacy firewall? Choose 3 answers

Options

  • ARecognizing when SSH sessions are using SSH v1 instead of SSH v2
  • BValidating that UDP port 53 packets are not being used to tunnel data for another protocol
  • CIdentifying unauthorized applications that attempt to connect over non-standard ports
  • DAllowing a packet through from an external DNS server only if an internal host recently queried
  • ERemoving from the session table any TCP session without traffic for 3600 seconds

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PCNSE6 Practice