PCNSE Practice Test

Which virtual router feature determines if a specific destination IP address is reachable?

A.

Heartbeat Monitoring

B.

Failover

C.

Path Monitoring

D.

Ping-Path

Which item enables a firewall administrator to see details about traffic that is currently active through the NGFW?

A.

ACC

B.

System Logs

C.

App Scope

D.

Session Browser

Which Panorama administrator types require the configuration of atleast one access domain? (Choose two)

A.

Dynamic

B.

Custom Panorama Admin

C.

Role Based

D.

Device Group

E.

Template Admin

A client has a sensitive application server in theirdata center and is particularly concerned about resource exhaustion because of distributed denial-of-service attacks.
How can the Palo Alto Networks NGFW be configured to specifically protect this server against resource exhaustion originating from multiple IP addresses (DDoS attack)?

A.

Define a custom App-ID to ensure that only legitimate application traffic reaches the server.

B.

Add a Vulnerability Protection Profile to block the attack.

C.

Add QoS Profiles to throttle incoming requests.

D.

Add a DoS Protection Profile with defined session count.

If an administrator wants to decrypt SMTP traffic and possesses the server’s certificate, which SSL decryption mode will allow the Palo Alto Networks NGFW to inspect traffic to the server?

A.

TLS Bidirectional Inspection

B.

SSL Inbound Inspection

C.

SSH Forward Proxy

D.

SMTP Inbound Decryption