What must be configured to apply tags automatically based on User-ID logs?
A. Device ID
B. Log Forwarding profile
C. Group mapping
D. Log settings
Explanation:
To apply tags automatically based on User-ID logs, the engineer must
configure a Log Forwarding profile that specifies the criteria for matching the logs and the
tags to apply. The Log Forwarding profile can be attached to a security policy rule or a
decryption policy rule to enable auto-tagging for the traffic that matches the rule. The tags
can then be used for dynamic address groups, policy enforcement, or
reporting [1].
References:
Use Auto-Tagging to Automate Security Actions, PCNSE Study Guide (page 49)
An administrator is using Panorama to manage multiple firewalls. After upgrading all
devices to the latest PAN-OS software, the administrator enables log forwarding from the
firewalls to Panorama.
However, pre-existing logs from the firewalls are not appearing in Panorama.
Which action should be taken to enable the firewalls to send their pre-existing logs to
Panorama?
A. Export the log database.
B. Use the import option to pull logs.
C. Use the scp logdb export command.
D. Use the ACC to consolidate the logs.
A firewall engineer is tasked with defining signatures for a custom application. Which two sources can the engineer use to gather information about the application patterns? (Choose two.)
A. Traffic logs
B. Data filtering logs
C. Policy Optimizer
D. Wireshark
Explanation: To determine which sources an engineer can use to gather information about
application patterns for creating custom signatures, let’s analyze each option based on
PAN-OS 11.0 documentation and typical network troubleshooting practices.
A. Traffic Logs
Why It’s Correct:
How to Use:
Documentation Reference:
B. Data Filtering Logs
Why It’s Incorrect:
Documentation Reference:
C. Policy Optimizer
Why It’s Incorrect:
Documentation Reference:
D. Wireshark
Why It’s Correct:
How to Use:
Documentation Reference:
Summary of Correct Choices
Traffic Logs:
Wireshark:
Which two scripting file types require direct upload to the Advanced WildFire portal/API for analysis? (Choose two.)
A. Ps1
B. Perl
C. Python
D. VBS
An engineer has been asked to limit which routes are shared by running two different areas within an OSPF implementation. However, the devices share a common link for communication. Which virtual router configuration supports running multiple instances of the OSPF protocol over a single link?
A. OSPFV3
B. ECMP
C. ASBR
D. OSBF