Free Palo Alto Networks PCNSE Exam Actual Questions

The questions for PCNSE were last updated On Nov 5, 2024

Question No. 1

Refer to the exhibit.

Based on the screenshots above what is the correct order in which the various rules are deployed to firewalls inside the DATACENTER_DG device group?

A.

shared pre-rules

DATACENTER DG pre rules

rules configured locally on the firewall

shared post-rules

DATACENTER_DG post-rules

DATACENTER.DG default rules

B.

shared pre-rules

DATACENTER_DG pre-rules

rules configured locally on the firewall

shared post-rules

DATACENTER.DG post-rules

shared default rules

C.

shared pre-rules

DATACENTER_DG pre-rules

rules configured locally on the firewall

DATACENTER_DG post-rules

shared post-rules

shared default rules

D.

shared pre-rules

DATACENTER_DG pre-rules

rules configured locally on the firewall

DATACENTER_DG post-rules

shared post-rules

DATACENTER_DG default rules

Show Answer Hide Answer
Correct Answer: A

Question No. 3

A firewall engineer is managing a Palo Alto Networks NGFW that does not have the DHCP server on DHCP agent configuration. Which interface mode can the broadcast DHCP traffic?

Show Answer Hide Answer
Correct Answer: B

Question No. 4

A network security administrator wants to inspect HTTPS traffic from users as it egresses through a firewall to the Internet/Untrust zone from trusted network zones.

The security admin wishes to ensure that if users are presented with invalid or untrusted security certificates, the user will see an untrusted certificate warning.

What is the best choice for an SSL Forward Untrust certificate?

Show Answer Hide Answer
Correct Answer: B

Question No. 5

When using certificate authentication for firewall administration, which method is used for authorization?

Show Answer Hide Answer
Correct Answer: A

When using certificate authentication for firewall administration on Palo Alto Networks devices, the method used for authorization is typically the Local database. Certificate authentication ensures that the entity attempting to access the firewall is in possession of a valid certificate. Once the certificate is validated for authentication, the authorization process determines what level of access or permissions the authenticated entity has. This is usually managed locally on the firewall, where administrators can define roles and permissions associated with different users or certificates. Thus, the authorization process, in this case, leverages the Local database to enforce access controls and permissions, aligning with best practices for secure management of network devices.