Palo Alto Networks PCNSE Practice Exams
Last updated on Apr 09,2025- Exam Code: PCNSE
- Exam Name: Palo Alto Networks Certified Network Security Engineer Exam
- Certification Provider: Palo Alto Networks
- Latest update: Apr 09,2025
An administrator Just enabled HA Heartbeat Backup on two devices However, the status on tie firewall’s dashboard is showing as down High Availability.
What could an administrator do to troubleshoot the issue?
- A . Go to Device > High Availability> General > HA Pair Settings > Setup and configuring the peer IP for heartbeat backup
- B . Check peer IP address In the permit list In Device > Setup > Management > Interfaces > Management Interface Settings
- C . Go to Device > High Availability > HA Communications> General> and check the Heartbeat Backup under Election Settings
- D . Check peer IP address for heartbeat backup to Device > High Availability > HA Communications > Packet Forwarding settings.
Which statement regarding HA timer settings is true?
- A . Use the Recommended profile for typical failover timer settings
- B . Use the Moderate profile for typical failover timer settings
- C . Use the Aggressive profile for slower failover timer settings.
- D . Use the Critical profile for faster failover timer settings.
A network security administrator has an environment with multiple forms of authentication. There is a network access control system in place that authenticates and restricts access for wireless users, multiple Windows domain controllers, and an MDM solution for company-provided smartphones. All of these devices have their authentication events logged.
Given the information, what is the best choice for deploying User-ID to ensure maximum coverage?
- A . Captive portal
- B . Standalone User-ID agent
- C . Syslog listener
- D . Agentless User-ID with redistribution
Which operation will impact the performance of the management plane?
- A . Decrypting SSL sessions
- B . Generating a SaaS Application report
- C . Enabling DoS protection
- D . Enabling packet buffer protection
When an engineer configures an active/active high availability pair, which two links can they use? (Choose two)
- A . HSCI-C
- B . Console Backup
- C . HA3
- D . HA2 backup
A network security administrator has been tasked with deploying User-ID in their organization.
What are three valid methods of collecting User-ID information in a network? (Choose three.)
- A . Windows User-ID agent
- B . GlobalProtect
- C . XMLAPI
- D . External dynamic list
- E . Dynamic user groups
Which GlobalProtect gateway selling is required to enable split-tunneling by access route, destination domain, and application?
- A . No Direct Access to local networks
- B . Tunnel mode
- C . iPSec mode
- D . Satellite mode
Which DoS Protection Profile detects and prevents session exhaustion attacks against specific destinations?
- A . Resource Protection
- B . TCP Port Scan Protection
- C . Packet Based Attack Protection
- D . Packet Buffer Protection
Given the following snippet of a WildFire submission log, did the end user successfully download a file?
- A . No, because the URL generated an alert.
- B . Yes, because both the web-browsing application and the flash file have the ‘alert" action.
- C . Yes, because the final action is set to "allow.”
- D . No, because the action for the wildfire-virus is "reset-both."
After implementing a new NGFW, a firewall engineer sees a VoIP traffic issue going through the firewall After troubleshooting the engineer finds that the firewall performs NAT on the voice packets payload and opens dynamic pinholes for media ports.
What can the engineer do to solve the VoIP traffic issue?
- A . Disable ALG under H.323 application
- B . Increase the TCP timeout under H.323 application
- C . Increase the TCP timeout under SIP application
- D . Disable ALG under SIP application