[Free] 2019(Nov) EnsurePass Palo Alto Networks PCNSE Dumps with VCE and PDF 71-80

Get Full Version of the Exam
http://www.EnsurePass.com/PCNSE.html

Question No.71

An administrator needs to optimize traffic to prefer business-criticalapplications over non-critical applications. QoS natively integrates with which feature to provide service quality?

  1. Port Inspection

  2. Certificate revocation

  3. Content-ID

  4. App-ID

Correct Answer: D

Explanation:

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/quality-of-service/qos-for- applications-and-users

Question No.72

An administrator wants multiple web servers in the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.1.22. Based on the information shown in the image, which NAT rule will forward web- browsing traffic correctly?

image

  1. Source IP: Any

    Destination IP: 206.15.22.9 Source Zone: Internet Destination Zone: DMZ Destination Service: 80/TCP Action: Destination NAT Translated IP: 10.2.2.23 Translated Port: 53/UDP

  2. Source IP: Any

    Destination IP: 206.15.22.9 Source Zone: Internet Destination Zone: Internet Destination Service: 80/TCP Action: Destination NAT Translated IP: 10.1.1.22 Translated Port: 53/UDP

  3. Source IP: Any

    Destination IP: 206.15.22.9

    Source Zone: Internet Destination Zone: Internet Destination Service: 80/TCP Action: Destination NAT Translated IP: 10.1.1.22 Translated Port: None

  4. Source IP: Any

Destination IP: 206.15.22.9 Source Zone: Internet Destination Zone: DMZ Destination Service: 80/TCP Action: Destination NAT Translated IP: 10.1.1.22 Translated Port: 80/TCP

Correct Answer: D

Question No.73

Which two options prevent the firewall from capturing traffic passing through it? (Choose two.)

  1. The firewall is in multi-vsys mode.

  2. The traffic is offloaded.

  3. The traffic does not match the packet capture filter.

  4. The firewall#39;s DP CPU is higher than 50%.

Correct Answer: BC

Explanation:

https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/monitoring/take-packet- captures/disable-hardware-offload

Question No.74

Which operation will impact the performanceof the management plane?

  1. WildFire Submissions

  2. DoS Protection

  3. decrypting SSL Sessions

  4. Generating a SaaS Application Report.

Correct Answer: C

Question No.75

Which CLI command enables an administrator to view details about the firewall including uptime, PAN-OS?version, and serial number?

  1. debug system details

  2. show session info

  3. show system info

  4. show system details

Correct Answer: C

Explanation: https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical- documentation/pan-os-60/PAN-OS-6.0-CLI-ref.pdf

Question No.76

An administrator has left a firewall to use the default port for all management services. Which three functions are performed by the dataplane? (Choose three.)

  1. WildFire updates

  2. NAT

  3. NTP

  4. antivirus

  5. File blocking

Correct Answer: ABC

Question No.77

The firewall identifies a popular application as an unknown-tcp. Which two options are available to identify the application? (Choose two.)

  1. Create a custom application.

  2. Create a custom object for the custom application server to identify the custom application.

  3. Submit an Apple-ID request to Palo Alto Networks.

  4. Create a Security policy to identify the custom application.

Correct Answer: AB

Explanation:

https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/app-id/use-application- objects-in-policy/create-a-custom-application

Question No.78

Which CLI command enables an administrator to check the CPU utilization of the dataplane?

  1. show running resource-monitor

  2. debug data-plane dp-cpu

  3. show system resources

  4. debug running resources

Correct Answer: A

Question No.79

An administrator has configured the Palo Alto Networks NGFW#39;s management interface to connect to the internet through a dedicated path that does not traverse back through the NGFW itself. Which configuration setting or step will allow the firewall to get automatic application signature updates?

  1. A scheduler will need to be configured for application signatures.

  2. A Security policy rule will need to be configured to allow the update requests from the firewall to the update servers.

  3. A Threat Prevention license will need to be installed.

  4. A service route will need to be configured.

Correct Answer: D

Explanation:

The firewall uses the service route to connect to the Update Server and checks for new content

release versions and, if there are updates available, displays them at the top of the list.

https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/device/device- dynamic-updates

Question No.80

The certificate information displayed in the following image is for which type of certificate?

image

  1. Forward Trust certificate

  2. Self-Signed Root CA certificate

  3. Web Server certificate

  4. Public CA signed certificate

Correct Answer: D

Get Full Version of the Exam
PCNSE Dumps
PCNSE VCE and PDF