Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

PCNSE Exam Dumps - Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 11.0

Go to page:
Question # 65

A network administrator notices a false-positive state after enabling Security profiles. When the administrator checks the threat prevention logs, the related signature displays the following:

threat type: spyware category: dns-c2 threat ID: 1000011111

Which set of steps should the administrator take to configure an exception for this signature?

A.

Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select DNS exceptions tabs Search related threat ID and click enable Commit

B.

Navigate to Objects > Security Profiles > Vulnerability Protection Select related profileSelect the signature exceptions tab and then click show all signatures Search related threat ID and click enable Change the default action Commit

C.

Navigate to Objects > Security Profiles > Vulnerability ProtectionSelect related profileSelect the Exceptions lab and then click show all signaturesSearch related threat ID and click enableCommit

D.

Navigate to Objects > Security Profiles > Anti-SpywareSelect related profileSelect the Exceptions lab and then click show all signaturesSearch related threat ID and click enable Commit

Full Access
Question # 66

A network administrator wants to deploy SSL Forward Proxy decryption. What two attributes should a forward trust certificate have? (Choose two.)

A.

A subject alternative name

B.

A private key

C.

A server certificate

D.

A certificate authority (CA) certificate

Full Access
Question # 67

A system administrator runs a port scan using the company tool as part of vulnerability check. The administrator finds that the scan is identified as a threat and is dropped by the firewall. After further investigating the logs, the administrator finds that the scan is dropped in the Threat Logs.

A.

Add the tool IP address to the reconnaissance protection source address exclusion in the DoS Protection profile.

B.

Add the tool IP address to the reconnaissance protection source address exclusion in the Zone protection profile.

C.

Change the TCP port scan action from Block to Alert in the Zone Protection profile.

D.

Remove the Zone protection profile from the zone setting.

Full Access
Question # 68

PBF can address which two scenarios? (Choose two.)

A.

Routing FTP to a backup ISP link to save bandwidth on the primary ISP link

B.

Providing application connectivity the primary circuit fails

C.

Enabling the firewall to bypass Layer 7 inspection

D.

Forwarding all traffic by using source port 78249 to a specific egress interface

Full Access
Question # 69

A network security administrator wants to inspect HTTPS traffic from users as it egresses through a firewall to the Internet/Untrust zone from trusted network zones.

The security admin wishes to ensure that if users are presented with invalid or untrusted security certificates, the user will see an untrusted certificate warning.

What is the best choice for an SSL Forward Untrust certificate?

A.

A web server certificate signed by the organization's PKI

B.

A self-signed certificate generated on the firewall

C.

A subordinate Certificate Authority certificate signed by the organization's PKI

D.

A web server certificate signed by an external Certificate Authority

Full Access
Question # 70

An administrator has configured OSPF with Advanced Routing enabled on a Palo Alto Networks firewall running PAN-OS 10.2. After OSPF was configured, the administrator noticed that OSPF routes were not being learned.

Which two actions could an administrator take to troubleshoot this issue? (Choose two.)

A.

Run the CLI command show advanced-routing ospf neighbor

B.

In the WebUI, view the Runtime Stats in the virtual router

C.

Look for configuration problems in Network > virtual router > OSPF

D.

In the WebUI, view Runtime Stats in the logical router

Full Access
Question # 71

An engineer needs to collect User-ID mappings from the company's existing proxies.

What two methods can be used to pull this data from third party proxies? (Choose two.)

A.

Client probing

B.

Syslog

C.

XFF Headers

D.

Server Monitoring

Full Access
Question # 72

Which two statements correctly describe Session 380280? (Choose two.)

A.

The session went through SSL decryption processing.

B.

The session has ended with the end-reason unknown.

C.

The application has been identified as web-browsing.

D.

The session did not go through SSL decryption processing.

Full Access
Go to page: