PCNSC Online Practice Questions and Answers

Which event will happen administrator uses an Application Override Policy?

A. The application name assigned to the traffic by the security rule is written to the traffic log.

B. The Palo Alto Networks NGFW Steps App-ID processing at Layer 4.

C. Threat-ID processing time is decreased.

D. App-ID processing time is increased.

An organization has Palo Alto Networks MGfWs that send logs to remote monitoring and security management platforms. The network team has report has excessive traffic on the corporate WAN. How could the Palo Alto Networks NOFW administrator reduce WAN traffic while maintaining support for all the existing monitoring/security platforms?

A. forward logs from firewalls only to Panorama, and have Panorama forward log* lo other external service.

B. Any configuration on an M-500 would address the insufficient bandwidth concerns.

C. Configure log compression and optimization features on all remote firewalls.

D. Forward logs from external sources to Panorama for correlation, arid from Panorama send to the NGFW.

Which action would enables the firewalls to send their preexisting logs to Panorama?

A. A CLI command will forward the pre-existing logs to Panorama.

B. Use the import option to pull logs panorama.

C. Use the ACC to consolidate pre-existing logs.

D. The- log database will need to be exported from the firewall and manually imported into Panorama.

Which feature prevents the submission of corporate login information into website forms?

A. credential submission prevention

B. file blocking

C. User-ID

D. data filtering

What are two benefits of nested device groups in panorama? (Choose two )

A. overwrites local firewall configuration

B. requires configuration both function and location for every device

C. all device groups inherit setting from the Shared group

D. reuse of the existing Security policy rules and objects

Which feature can be configured on VM-Series firewalls'?

A. aggregate interlaces

B. multiple virtual systems

C. Globallprotect

D. machine learning

How does Panorama prompt VMware NSX to quarantine an in6erface VM??

A. Syslog Server Profile

B. Email Server Profile

C. SNMP Server Profile

D. HTTP Server Profile

An administrator deploys PA-500 NGFWs as an active/passive high availability pair . The devices are not participating in dynamic router and preemption is disabled.

What must be verified to upgrade the firewalls to the most recent version of PAN OS software?

A. Antivirus update package

B. Applications and Threats update package

C. Wildfire update package

D. User-ID agent

Which prerequisite must be satisfied before creating an SSH proxy Decryption policy?

A. No prerequisites are required

B. SSH keys must be manually generated

C. Both SSH keys and SSL certificates must be generated

D. SSL certificates must be generated

Which two action would be part of an automatic solution that would block sites with untrusted certificates without enabling SSL forward proxy? (Choose two.)

A. Configure an EDL to pull IP Addresses of known sites resolved from a CRL.

B. Create a Security Policy rule with vulnerability Security Profile attached.

C. Create a no-decrypt Decryption Policy rule.

D. Enable the "Block seasons with untrusted Issuers- setting.

E. Configure a Dynamic Address Group for untrusted sites.