Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

PCNSE Exam Dumps - Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 11.0

Go to page:
Question # 33

Which DoS Protection Profile detects and prevents session exhaustion attacks against specific destinations?

A.

Resource Protection

B.

TCP Port Scan Protection

C.

Packet Based Attack Protection

D.

Packet Buffer Protection

Full Access
Question # 34

Which three external authentication services can the firewall use to authenticate admins into the Palo Alto Networks NGFW without creating administrator account on the firewall? (Choose three.)

A.

RADIUS

B.

TACACS+

C.

Kerberos

D.

LDAP

E.

SAML

Full Access
Question # 35

How can Panorama help with troubleshooting problems such as high CPU or resource exhaustion on a managed firewall?

A.

Panorama provides information about system resources of the managed devices in the Managed Device > Health menu.

B.

Firewalls send SNMP traps to Panorama wen resource exhaustion is detected Panorama generates a system log and can send email alerts.

C.

Panorama monitors all firewalls using SNMP. It generates a system log and can send email alerts when resource exhaustion is detected on a managed firewall.

D.

Panorama provides visibility all the system and traffic logs received from firewalls it does not offer any ability to see or monitor resource utilization on managed firewalls

Full Access
Question # 36

An administrator Just enabled HA Heartbeat Backup on two devices However, the status on tie firewall's dashboard is showing as down High Availability.

What could an administrator do to troubleshoot the issue?

A.

Go to Device > High Availability> General > HA Pair Settings > Setup and configuring the peer IP for heartbeat backup

B.

Check peer IP address In the permit list In Device > Setup > Management > Interfaces > Management Interface Settings

C.

Go to Device > High Availability > HA Communications> General> and check the Heartbeat Backup under Election Settings

D.

Check peer IP address for heartbeat backup to Device > High Availability > HA Communications > Packet Forwarding settings.

Full Access
Question # 37

A customer wants to deploy User-ID on a Palo Alto Network NGFW with multiple vsys. One of the vsys will support a GlobalProtect portal and gateway. the customer uses Windows

A.

Deploy the GlobalProtect as a lee data hub.

B.

Deploy Window User 0 agents on each domain controller.

C.

Deploys AILS integrated Use 10 agent on each vsys.

D.

Deploy a M.200 as a Users-ID collector.

Full Access
Question # 38

An administrator configures HA on a customer's Palo Alto Networks firewalls with path monitoring by using the default configuration values.

What are the default values for ping interval and ping count before a failover is triggered?

A.

Ping interval of 200 ms and ping count of three failed pings

B.

Ping interval of 5000 ms and ping count of 10 failed pings

C.

Ping interval of 200 ms and ping count of 10 failed pings

D.

Ping interval of 5000 ms and ping count of three failed pings

Full Access
Question # 39

An engineer is designing a deployment of multi-vsys firewalls.

What must be taken into consideration when designing the device group structure?

A.

Only one vsys or one firewall can be assigned to a device group, and a multi-vsys firewall can have each vsys in a different device group.

B.

Multiple vsys and firewalls can be assigned to a device group, and a multi-vsys firewall can have each vsys in a different device group.

C.

Only one vsys or one firewall can be assigned to a device group, except for a multi-vsys firewall, which must have all its vsys in a single device group.

D.

Multiple vsys and firewalls can be assigned to a device group, and a multi-vsys firewall must have all its vsys in a single device group.

Full Access
Question # 40

Which protocol is supported by GlobalProtect Clientless VPN?

A.

FTP

B.

RDP

C.

SSH

D.

HTTPS

Full Access
Go to page: