PCNSE Practice Test

What are two benefits of nested device groups in Panorama? (Choose two.)

A.

Reuse of the existing Security policy rules and objects

B.

Requires configuring both function and location for every device

C.

All device groups inherit settings form the Shared group

D.

Overwrites local firewall configuration

An administrator has enabled OSPF on a virtual router on the NGFW. OSPF is not adding new routes to the virtual router. Which two options enable the administrator to troubleshoot this issue? (Choose two.)

A.

View Runtime Stats in the virtual router.

B.

View System logs.

C.

Add a redistribution profile to forward as BGP updates.

D.

Perform a traffic pcap at the routing stage.

A PaloAlto Networks NGFW just submitted a file to WildFire for analysis. Assume a 5-minute window for
analysis. The firewall is configured to check for verdicts every 5 minutes.
How quickly will the firewall receive back a verdict?

A.

More than 15 minutes

B.

5 minutes

C.

10 to 15 minutes

D.

5 to 10 minutes

Refer to the exhibit.

An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the
specific server based on the application, where Host A (10.1.1.100) received HTTP traffic and
hostB(10.1.1.101) receives SSH traffic.
Which two security policy rules will accomplish this configuration? (Choose two)

A.

Untrust (Any) to Untrust (10.1.1.1) Ssh-Allow

B.

Untrust (Any) to DMZ (1.1.1.100) Ssh-Allow

C.

Untrust (Any) to DMZ (1.1.1.100) Web-browsing -Allow

D.

Untrust (Any) to Untrust (10.1.1.1) Web-browsing -Allow

Refer to the exhibit.

An administrator cannot see any if the Traffic logs from the Palo Alto Networks NGFW on Panorama. The configuration problem seems to be on the firewall side. Where is the best place on the Palo Alto Networks NGFW to check whetherthe configuration is correct?

A.

Option A

B.

Option B

C.

Option C

D.

Option D