PCNSE Online Practice Questions and Answers

In a device group, which two configuration objects are defined? (Choose two )

A. DNS Proxy

B. address groups

C. SSL/TLS profiles

D. URL Filtering profiles

In a template you can configure which two objects? (Choose two.)

A. SD WAN path quality profile

B. application group

C. IPsec tunnel

D. Monitor profile

An administrator connected a new fiber cable and transceiver to interface Ethernetl/l on a Palo Alto Networks firewall. However, the link does not seem to be coming up.

If an administrator were to troubleshoot, how would they confirm the transceiver type, tx-power, rx-power, vendor name, and part number via the CLI?

A. show system state filter sw.dev.interface.config

B. show chassis status slot s1

C. show system state filter-pretty sys.s1.*

D. show system state filter ethernet1/1

What can be used as an Action when creating a Policy-Based Forwarding (PBF) policy?

A. Deny

B. Discard

C. Allow

D. Next VR

An engineer troubleshoots a Panorama-managed firewall that is unable to reach the DNS servers configured via a global template. As a troubleshooting step, the engineer needs to configure a local DNS server in place of the template value.

Which two actions can be taken to ensure that only the specific firewall is affected during this process? (Choose two.)

A. Override the DNS server on the template stack.

B. Configure the DNS server locally on the firewall.

C. Change the DNS server on the global template.

D. Configure a service route for DNS on a different interface.

An engineer troubleshoots a high availability (HA) link that is unreliable.

Where can the engineer view what time the interface went down?

A. Monitor > Logs > Traffic

B. Device > High Availability > Active/Passive Settings

C. Monitor > Logs > System

D. Dashboard > Widgets > High Availability

The Aggregate Ethernet interface is showing down on a passive PA-7050 firewall of an active/passive HA pair. The HA Passive Link State is set to "Auto" under Device > High Availability > General > Active/Passive Settings. The AE interface is configured with LACP enabled and is up only on the active firewall.

Why is the AE interface showing down on the passive firewall?

A. It does not perform pre-negotiation LACP unless "Enable in HA Passive State" is selected under the High Availability Options on the LACP tab of the AE Interface.

B. It does not participate in LACP negotiation unless Fast Failover is selected under the Enable LACP selection on the LACP tab of the AE Interface.

C. It participates in LACP negotiation when Fast is selected for Transmission Rate under the Enable LACP selection on the LACP tab of the AE Interface.

D. It performs pre-negotiation of LACP when the mode Passive is selected under the Enable LACP selection on the LACP tab of the AE Interface.

What are three possible verdicts that WildFire can provide for an analyzed sample? (Choose three)

A. Clean

B. Bengin

C. Adware

D. Suspicious

E. Grayware

F. Malware

How does Panorama handle incoming logs when it reaches the maximum storage capacity?

A. Panorama discards incoming logs when storage capacity full.

B. Panorama stops accepting logs until licenses for additional storage space are applied

C. Panorama stops accepting logs until a reboot to clean storage space.

D. Panorama automatically deletes older logs to create space for new ones.

How does Panorama prompt VMWare NSX to quarantine an infected VM?

A. HTTP Server Profile

B. Syslog Server Profile

C. Email Server Profile

D. SNMP Server Profile