Download Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex

Download Exam

File Info

Exam Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0
Number PCNSE9
File Name Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex
Size 949 Kb
Posted May 29, 2020
Downloads 50

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1
Which two actions would be part of an automatic solution that would block sites with untrusted certificates without enabling SSL Forward Proxy? (Choose two.)

  • A: Create a no-decrypt Decryption Policy rule.
  • B: Configure an EDL to pull IP addresses of known sites resolved from a CRL.
  • C: Create a Dynamic Address Group for untrusted sites
  • D: Create a Security Policy rule with vulnerability Security Profile attached.
  • E: Enable the "Block sessions with untrusted issuers" setting.

Question 2
Which two features does PAN-OS® software use to identify applications? (Choose two)

  • A: port number
  • B: session number
  • C: transaction characteristics
  • D: application layer payload

Question 3
The certificate information displayed in the following image is for which type of certificate?

  • A: Forward Trust certificate
  • B: Self-Signed Root CA certificate
  • C: Web Server certificate
  • D: Public CA signed certificate

Question 4
A global corporate office has a large-scale network with only one User-ID agent, which creates a bottleneck near the User-ID agent server. Which solution in PAN-OS® software would help in this case?

  • A: Application override
  • B: Redistribution of user mappings
  • C: Virtual Wire mode
  • D: Content inspection

Question 5
When configuring a GlobalProtect Portal, what is the purpose of specifying an
Authentication Profile?

  • A: To enable Gateway authentication to the Portal
  • B: To enable Portal authentication to the Gateway
  • C: To enable user authentication to the Portal
  • D: To enable client machine authentication to the Portal

Question 6
A customer wants to combine multiple Ethernet interfaces into a single virtual interface using link aggregation. Which two formats are correct for naming aggregate interfaces? (Choose two.)

  • A: ae.8
  • B: aggregate.1
  • C: ae.1
  • D: aggregate.8

Question 7
View the GlobalProtect configuration screen apture.


What is the purpose of this configuration?

  • A: It configures the tunnel address of all internal clients to an IP address range starting at
  • B: It forces an internal client to connect to an internal gateway at IP address
  • C: It enables a client to perform a reverse DNS lookup on to detect that it is an internal client.
  • D: It forces the firewall to perform a dynamic DNS update, which adds the internal gateway’s hostname and IP address to the DNS server.

Question 8
Which CLI command can be used to export the tcpdump capture?

Question 9
In High Availability, which information is transferred via the HA data link?

  • A: session information
  • B: heartbeats
  • C: HA state information
  • D: User-ID information

Question 10
Which three user authentication services can be modified to provide the Palo Alto Networks NGFW with both usernames and role names? (Choose three.)

  • A: TACACS+
  • B: Kerberos
  • C: PAP
  • D: LDAP
  • E: SAML


You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files