Download Palo Alto Networks Certified Network Security Engineer.Actualtests.PCNSE.2018-09-13.1e.70q.vcex

Download Dump

File Info

Exam Palo Alto Networks Certified Network Security Engineer
Number PCNSE
File Name Palo Alto Networks Certified Network Security Engineer.Actualtests.PCNSE.2018-09-13.1e.70q.vcex
Size 1.01 Mb
Posted September 13, 2018
Downloads 2

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%

Demo Questions

Question 1
When configuring a GlobalProtect Portal, what is the purpose of specifying an Authentication Profile? 

  • A: To enable Gateway authentication to the Portal
  • B: To enable Portal authentication to the Gateway
  • C: To enable user authentication to the Portal
  • D: To enable client machine authentication to the Portal

Question 2
If a template stack is assigned to a device and the stack includes three templates with overlapping settings, which settings are published to the device when the template stack is pushed?

  • A: The settings assigned to the template that is on top of the stack.
  • B: The administrator will be promoted to choose the settings for that chosen firewall.
  • C: All the settings configured in all templates.
  • D: Depending on the firewall location, Panorama decides with settings to send.

Question 3
Which method will dynamically register tags on the Palo Alto Networks NGFW?

  • A: Restful API or the VMWare API on the firewall or on the User-ID agent or the read-only domain controller (RODC)
  • B: Restful API or the VMware API on the firewall or on the User-ID agent
  • C: XML-API or the VMware API on the firewall or on the User-ID agent or the CLI
  • D: XML API or the VM Monitoring agent on the NGFW or on the User-ID agent

Question 4
How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

  • A: Configure the option for “Threshold”.
  • B: Disable automatic updates during weekdays.
  • C: Automatically “download only” and then install Applications and Threats later, after the administrator approves the update.
  • D: Automatically “download and install” but with the “disable new applications” option used.

Question 5
To connect the Palo Alto Networks firewall to AutoFocus, which setting must be enabled?

  • A: Device>Setup>Services>AutoFocus
  • B: Device> Setup>Management >AutoFocus 
  • C: AutoFocus is enabled by default on the Palo Alto Networks NGFW
  • D: Device>Setup>WildFire>AutoFocus
  • E: Device>Setup> Management> Logging and Reporting Settings

Question 6
A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to
How can the firewall be configured automatically disable the PBF rule if the next hop goes down? 

  • A: Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  • B: Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
  • C: Enable and configure a Link Monitoring Profile for the external interface of the firewall.
  • D: Configure path monitoring for the next hop gateway on the default route in the virtual router.

Question 7
What are two benefits of nested device groups in Panorama? (Choose two.)

  • A: Reuse of the existing Security policy rules and objects 
  • B: Requires configuring both function and location for every device
  • C: All device groups inherit settings form the Shared group
  • D: Overwrites local firewall configuration

Question 8
Which Captive Portal mode must be configured to support MFA authentication?

  • A: NTLM
  • B: Redirect
  • C: Single Sign-On
  • D: Transparent

Question 9
An administrator needs to implement an NGFW between their DMZ and Core network. EIGRP Routing between the two environments is required.  
Which interface type would support this business requirement?

  • A: Virtual Wire interfaces to permit EIGRP routing to remain between the Core and DMZ
  • B: Layer 3 or Aggregate Ethernet interfaces, but configuring EIGRP on subinterfaces only
  • C: Tunnel interfaces to terminate EIGRP routing on an IPsec tunnel (with the GlobalProtect License to support LSVPN and EIGRP protocols)
  • D: Layer 3 interfaces, but configuring EIGRP on the attached virtual router

Question 10
A speed/duplex negotiation mismatch is between the Palo Alto Networks management port and the switch port which it connects. 
How would an administrator configure the interface to 1Gbps?

  • A: set deviceconfig interface speed-duplex 1Gbps-full-duplex
  • B: set deviceconfig system speed-duplex 1Gbps-duplex
  • C: set deviceconfig system speed-duplex 1Gbps-full-duplex
  • D: set deviceconfig Interface speed-duplex 1Gbps-half-duplex



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files