PCNSE6 Premium Bundle

PCNSE6 Premium Bundle

Palo Alto Networks Certified Network Security Engineer 6.0 Certification Exam

4.5 
(20175 ratings)
0 QuestionsPractice Tests
0 PDFPrint version
November 23, 2024Last update

Paloalto-Networks PCNSE6 Free Practice Questions

Q1. What option should be configured when using User-ID 

A. Enable User-ID per zone 

B. Enable User-ID per interface 

C. Enable User-ID per Security Policy 

D. None of the above 

Answer:

Q2. Which of the Dynamic Updates listed below are issued on a daily basis? 

A. Global Protect 

B. URL Filtering 

C. Antivirus 

D. Applications and Threats 

Answer: B,C 

Q3. HOTSPOT 

Match the components with their role in preventing threats. 

Answer options may be used more than once or not at all. 

Answer:  

Q4. Which two interface types can be used when configuring GlobalProtect Portal? Choose 2 answers 

A. Virtual Wire 

B. Loopback 

C. Tunnel 

D. Layer3 

Answer: B,D 

Explanation: 

Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/framemaker/61/globalprotect/globalprotect-admin-guide.pdf page 10 

Q5. After pushing a security policy from Panorama to a PA-3020 firewall, the firewall administrator notices that traffic logs from the PA-3020 are not appearing in Panorama's traffic logs. 

What could be the problem? 

A. The firewall is not licensed for logging to this Panorama device. 

B. Panorama is not licensed to receive logs from this particular firewall. 

C. None of the firewall’s policies have been assigned a Log Forwarding profile. 

D. A Server Profile has not been configured for logging to this Panorama device. 

Answer:

Q6. HOTSPOT 

Assuming that the default antivirus profile is installed, match each decoder with its default action. 

Answer options may be used more than once or not at all. 

Answer:  

Q7. In Active/Active HA environments, redundancy for the HA3 interface can be achieved by 

A. Configuring a corresponding HA4 interface 

B. Configuring HA3 as an Aggregate Ethernet bundle 

C. Configuring multiple HA3 interfaces 

D. Configuring HA3 in a redundant group 

Answer:

Q8. Which routing protocol is supported on the Palo Alto Networks platform? 

A. BGP 

B. RSTP 

C. ISIS 

D. RIPv1 

Answer:

Q9. WildFire Analysis Reports are available for the following Operating Systems (select all that apply) 

A. Windows XP 

B. Windows 7 

C. Windows 8 

D. Mac OS-X 

Answer: A,B,C 

Q10. Subsequent to the installation of new licenses, the firewall must be rebooted 

A. True 

B. False 

Answer:

Q11. Which of the following is NOT a valid option for built-in CLI access roles? 

A. read/write 

B. superusers 

C. vsysadmin 

D. deviceadmin 

Answer:

Q12. A company has purchased a WildFire subscription and would like to implement dynamic updates to download the most recent content as often as possible. 

What is the shortest time interval the company can configure their firewall to check for WildFire updates? 

A. Every 24 hours 

B. Every 30 minutes 

C. Every 15 minutes 

D. Every 1 hour 

E. Every 5 minutes 

Answer:

Explanation: 

Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/framemaker/60/wildfire/WF_Admin/section_1.pdf page 11 

Q13. When a Palo Alto Networks firewall is forwarding traffic through interfaces configured for L2 mode, security policies can be set to match on multicast IP addresses. 

A. True 

B. False 

Answer:

Q14. Which method is the most efficient for determining which administrator made a specific change to the running config? 

A. In the Configuration log, set a filter for the edit command and look for the object that was changed. 

B. In the System log, set a filter for the name of the object that was changed. 

C. In Config Audit, compare the current running config to all of the saved configurations until the change is found. 

D. In Config Audit, compare the current running config to previous committed versions until the change is found. 

Answer:

Q15. Which of the following are methods HA clusters use to identify network outages? 

A. Path and Link Monitoring 

B. VR and VSys Monitors 

C. Heartbeat and Session Monitors 

D. Link and Session Monitors 

Answer:

START PCNSE6 EXAM