Download Palo Alto Networks Certified Network Security Engineer.Actualtests.PCNSE.2018-09-13.1e.70q.vcex

Download Dump

File Info

Exam Palo Alto Networks Certified Network Security Engineer
Number PCNSE
File Name Palo Alto Networks Certified Network Security Engineer.Actualtests.PCNSE.2018-09-13.1e.70q.vcex
Size 1.01 Mb
Posted September 13, 2018
Downloads 2



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAMFILESCOM

Coupon: EXAMFILESCOM
With discount: 20%





Demo Questions

Question 1
When configuring a GlobalProtect Portal, what is the purpose of specifying an Authentication Profile? 

  • A: To enable Gateway authentication to the Portal
  • B: To enable Portal authentication to the Gateway
  • C: To enable user authentication to the Portal
  • D: To enable client machine authentication to the Portal



Question 2
If a template stack is assigned to a device and the stack includes three templates with overlapping settings, which settings are published to the device when the template stack is pushed?

  • A: The settings assigned to the template that is on top of the stack.
  • B: The administrator will be promoted to choose the settings for that chosen firewall.
  • C: All the settings configured in all templates.
  • D: Depending on the firewall location, Panorama decides with settings to send.



Question 3
Which method will dynamically register tags on the Palo Alto Networks NGFW?

  • A: Restful API or the VMWare API on the firewall or on the User-ID agent or the read-only domain controller (RODC)
  • B: Restful API or the VMware API on the firewall or on the User-ID agent
  • C: XML-API or the VMware API on the firewall or on the User-ID agent or the CLI
  • D: XML API or the VM Monitoring agent on the NGFW or on the User-ID agent



Question 4
How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

  • A: Configure the option for “Threshold”.
  • B: Disable automatic updates during weekdays.
  • C: Automatically “download only” and then install Applications and Threats later, after the administrator approves the update.
  • D: Automatically “download and install” but with the “disable new applications” option used.



Question 5
To connect the Palo Alto Networks firewall to AutoFocus, which setting must be enabled?

  • A: Device>Setup>Services>AutoFocus
  • B: Device> Setup>Management >AutoFocus 
  • C: AutoFocus is enabled by default on the Palo Alto Networks NGFW
  • D: Device>Setup>WildFire>AutoFocus
  • E: Device>Setup> Management> Logging and Reporting Settings



Question 6
A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com.
How can the firewall be configured automatically disable the PBF rule if the next hop goes down? 

  • A: Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  • B: Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
  • C: Enable and configure a Link Monitoring Profile for the external interface of the firewall.
  • D: Configure path monitoring for the next hop gateway on the default route in the virtual router.



Question 7
What are two benefits of nested device groups in Panorama? (Choose two.)

  • A: Reuse of the existing Security policy rules and objects 
  • B: Requires configuring both function and location for every device
  • C: All device groups inherit settings form the Shared group
  • D: Overwrites local firewall configuration



Question 8
Which Captive Portal mode must be configured to support MFA authentication?

  • A: NTLM
  • B: Redirect
  • C: Single Sign-On
  • D: Transparent



Question 9
An administrator needs to implement an NGFW between their DMZ and Core network. EIGRP Routing between the two environments is required.  
Which interface type would support this business requirement?

  • A: Virtual Wire interfaces to permit EIGRP routing to remain between the Core and DMZ
  • B: Layer 3 or Aggregate Ethernet interfaces, but configuring EIGRP on subinterfaces only
  • C: Tunnel interfaces to terminate EIGRP routing on an IPsec tunnel (with the GlobalProtect License to support LSVPN and EIGRP protocols)
  • D: Layer 3 interfaces, but configuring EIGRP on the attached virtual router



Question 10
A speed/duplex negotiation mismatch is between the Palo Alto Networks management port and the switch port which it connects. 
How would an administrator configure the interface to 1Gbps?

  • A: set deviceconfig interface speed-duplex 1Gbps-full-duplex
  • B: set deviceconfig system speed-duplex 1Gbps-duplex
  • C: set deviceconfig system speed-duplex 1Gbps-full-duplex
  • D: set deviceconfig Interface speed-duplex 1Gbps-half-duplex









CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset