Download Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex
Download Exam
File Info
| Exam | Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0 |
| Number | PCNSE9 |
| File Name | Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex |
| Size | 949 Kb |
| Posted | May 29, 2020 |
| Downloads | 50 |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: EXAMFILESCOM
With discount: 20%
Demo Questions
Question 1
Which two actions would be part of an automatic solution that would block sites with untrusted certificates without enabling SSL Forward Proxy? (Choose two.)
- A: Create a no-decrypt Decryption Policy rule.
- B: Configure an EDL to pull IP addresses of known sites resolved from a CRL.
- C: Create a Dynamic Address Group for untrusted sites
- D: Create a Security Policy rule with vulnerability Security Profile attached.
- E: Enable the "Block sessions with untrusted issuers" setting.
Question 2
Which two features does PAN-OS® software use to identify applications? (Choose two)
- A: port number
- B: session number
- C: transaction characteristics
- D: application layer payload
Question 3
The certificate information displayed in the following image is for which type of certificate?
Exhibit:
Exhibit:
- A: Forward Trust certificate
- B: Self-Signed Root CA certificate
- C: Web Server certificate
- D: Public CA signed certificate
Question 4
A global corporate office has a large-scale network with only one User-ID agent, which creates a bottleneck near the User-ID agent server. Which solution in PAN-OS® software would help in this case?
- A: Application override
- B: Redistribution of user mappings
- C: Virtual Wire mode
- D: Content inspection
Question 5
When configuring a GlobalProtect Portal, what is the purpose of specifying an
Authentication Profile?
Authentication Profile?
- A: To enable Gateway authentication to the Portal
- B: To enable Portal authentication to the Gateway
- C: To enable user authentication to the Portal
- D: To enable client machine authentication to the Portal
Question 6
A customer wants to combine multiple Ethernet interfaces into a single virtual interface using link aggregation. Which two formats are correct for naming aggregate interfaces? (Choose two.)
- A: ae.8
- B: aggregate.1
- C: ae.1
- D: aggregate.8
Question 7
View the GlobalProtect configuration screen apture.
What is the purpose of this configuration?
What is the purpose of this configuration?
- A: It configures the tunnel address of all internal clients to an IP address range starting at 192.168.10.1.
- B: It forces an internal client to connect to an internal gateway at IP address 192.168.10.1.
- C: It enables a client to perform a reverse DNS lookup on 192.168.10.1 to detect that it is an internal client.
- D: It forces the firewall to perform a dynamic DNS update, which adds the internal gateway’s hostname and IP address to the DNS server.
Question 8
Which CLI command can be used to export the tcpdump capture?
- A: scp export tcpdump from mgmt.pcap to <[email protected]:path>
- B: scp extract mgmt-pcap from mgmt.pcap to <[email protected]:path>
- C: scp export mgmt-pcap from mgmt.pcap to <[email protected]:path>
- D: download mgmt.-pcap
Question 9
In High Availability, which information is transferred via the HA data link?
- A: session information
- B: heartbeats
- C: HA state information
- D: User-ID information
Question 10
Which three user authentication services can be modified to provide the Palo Alto Networks NGFW with both usernames and role names? (Choose three.)
- A: TACACS+
- B: Kerberos
- C: PAP
- D: LDAP
- E: SAML
- F: RADIUS
HOW TO OPEN VCEX AND EXAM FILES
Use ProfExam Simulator to open VCEX and EXAM files
HOW TO OPEN VCE FILES
Use VCE Exam Simulator to open VCE files
