Which Palo Alto Networks VM-Series firewall is supported for VMware NSX?
A. VM-100
B. VM-200
C. VM-1000-HV
D. VM-300
Only two Trust to Untrust allow rules have been created in the Security policy
Rule1 allows google-base
Rule2 allows youtube-base
The youtube-base App-ID depends on google-base to function. The google-base App-ID implicitly uses SSL and web-browsing. When user try to accesss https://www.youtube.com in a web browser, they get an error indecating that the server cannot be found.
Which action will allow youtube.com display in the browser correctly?
A. Add SSL App-ID to Rule1
B. Create an additional Trust to Untrust Rule, add the web-browsing, and SSL App-ID's to it
C. Add the DNS App-ID to Rule2
D. Add the Web-browsing App-ID to Rule2
Which type of interface does a firewall use to forward decrypted traffic to a security chain for inspection?
A. Layer 1
B. Layer 3
C. Tap
D. Decryption Mirror
Which three fields can be included in a pcap filter? (Choose three)
A. Egress interface
B. Source IP
C. Rule number
D. Destination IP
E. Ingress interface
Which two actions are required to make Microsoft Active Directory users appear in a firewall traffic log? (Choose two.)
A. Run the User-ID Agent using an Active Directory account that has "event log viewer" permissions
B. Enable User-ID on the zone object for the destination zone
C. Run the User-ID Agent using an Active Directory account that has "domain administrator" permissions
D. Enable User-ID on the zone object for the source zone
E. Configure a RADIUS server profile to point to a domain controller
Which two interface types can be used when configuring GlobalProtect Portal? (Choose two)
A. Virtual Wire
B. Loopback
C. Layer 3
D. Tunnel
Starting with PAN-OS version 9.1, Global logging information is now recoded in which firewall log?
A. Authentication
B. Globalprotect
C. Configuration
D. System
Several offices are connected with VPNs using static IPV4 routes. An administrator has been tasked with implementing OSPF to replace static routing. Which step is required to accoumplish this goal?
A. Assign an IP address on each tunnel interface at each site
B. Enable OSPFv3 on each tunnel interface and use Area ID 0.0.0.0
C. Assign OSPF Area ID 0.0.0.0 to all Ethernet and tunnel interfaces
D. Create new VPN zones at each site to terminate each VPN connection
A firewall administrator has been asked to configure a Palo Alto Networks NGFW to prevent against compromised hosts trying to phone-home or beacon out to external command-and-control (C2) servers. Which security Profile type will prevent these behaviors?
A. WildFire
B. Anti-Spyware
C. Vulnerability Protection
D. Antivirus
Which CLI command displays the current management plan memory utilization?
A. > show system info
B. > show system resources
C. > debug management-server show
D. > show running resource-monitor
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PCNSE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.