PCNSE Exam Dumps - Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 11.0

Go to page:

<< First
Prev
2
3
4
5
6
7
8
9
10
11
Next
Last >>

Question # 49

Exhibit.

An organization has Palo Alto Networks NGFWs that send logs to remote monitoring and security management platforms The network team has reported excessive traffic on the corporate WAN How could the Palo Alto Networks NGFW administrator reduce WAN traffic while maintaining support for all the existing monitoring/security platforms?

Any configuration on an M-500 would address the insufficient bandwidth concerns

Forward logs from external sources to Panorama for correlation, and from Panorama send them to the NGFW

Configure log compression and optimization features on all remote firewalls

Forward logs from firewalls only to Panorama and have Panorama forward logs to other external services.

Full Access

Question # 50

An administrator has two pairs of firewalls within the same subnet. Both pairs of firewalls have been configured to use High Availability mode with Active/Passive. The ARP tables for upstream routes display the same MAC address being shared for some of these firewalls.

What can be configured on one pair of firewalls to modify the MAC addresses so they are no longer in conflict?

Configure a floating IP between the firewall pairs.

Change the Group IDs in the High Availability settings to be different from the other firewall pair on the same subnet.

Change the interface type on the interfaces that have conflicting MAC addresses from L3 to VLAN.

On one pair of firewalls, run the CLI command: set network interface vlan arp.

Full Access

Question # 51

Which two profiles should be configured when sharing tags from threat logs with a User-ID agent? (Choose two.)

HTTP

LDAP

Log Ingestion

Log Forwarding

Full Access

Question # 52

An administrator troubleshoots an issue that causes packet drops.

Which log type will help the engineer verify whether packet buffer protection was activated?

Data Filtering

Configuration

Threat

Traffic

Full Access

Question # 53

What can be used as an Action when creating a Policy-Based Forwarding (PBF) policy?

Deny

Discard

Allow

Next VR

Full Access

Question # 54

A firewall engineer needs to patch the companyâ€™s Palo Alto Network firewalls to the latest version of PAN-OS. The company manages its firewalls by using panorama. Logs are forwarded to Dedicated Log Collectors, and file samples are forwarded to WildFire appliances for analysis. What must the engineer consider when planning deployment?

Only Panorama and Dedicated Log Collectorss must be patched to the target PAN-OS version before updating the firewalls

Panorama, Dedicated Log Collectors and WildFire appliances must be patched to the target PAN-OS version before updating the firewalls.

Panorama, Dedicated Log Collectors and WildFire appliances must have the target PAN-OS version downloaded, after which the order of patching does not matter.

Only Panorama must be patched to the PAN-OS version before updating the firewalls

Full Access

Question # 55

Which CLI command displays the physical media that are connected to ethernet1/8?

> show system state filter-pretty sys.si. p8. stats

> show system state filter-pretty sys.sl.p8.phy

> show system state filter-pretty sys.sl.p8.med

> show interface ethernet1/8

Full Access