[Free] 2019(Nov) EnsurePass Palo Alto Networks PCNSE Dumps with VCE and PDF 191-200

Get Full Version of the Exam

Question No.191

The web server is configured to listen for HTTP traffic on port 8080. The clients access the web server using the IPaddress on TCP Port 80. The destination NAT rule is configured to translate both IP address and report to on TCP Port 8080. Which NAT and security rules must be configured on the firewall? (Choose two)


  1. A security policy with asource of any from untrust-I3 Zone to a destination of in dmz-I3 zone using web-browsing application

  2. A NAT rule with a source of any from untrust-I3 zone to a destination of in dmz-zone using service-http service.

  3. A NAT rule with a source of any from untrust-I3 zone to a destination of in untrust-I3 zone using service-http service.

  4. A security policy with a source of any from untrust-I3 zone to a destination of 1.1.100 in dmz-I3 zone using web-browsing application.

Correct Answer: BD

Question No.192

A company has a pair of Palo Alto Networks firewalls configured asan Acitve/Passive High Availability (HA) pair. What allows the firewall administrator to determine the last date a failover event occurred?

  1. From the CLI issue use the show System log

  2. Apply the filter subtype eq ha to the System log

  3. Apply the filter subtype eq ha to the configuration log

  4. Check the status of the High Availability widget on the Dashboard of the GUI

Correct Answer: B

Question No.193

Which two logs on the firewallwill contain authentication-related information useful for troubleshooting purpose? (Choose two)

  1. ms.log

  2. traffic.log

  3. system.log

  4. dp-monitor.log

  5. authd.log

Correct Answer: CE

Question No.194

Which two options are required on an M-100 appliance to configure it as a Log Collector? (Choose two)

  1. From the Panorama tab of the Panorama GUI select Log Collector mode and then commit changes

  2. Enter the command request system system-mode logger then enter Y to confirm the change to Log Collector mode.

  3. From the Device tab ofthe Panorama GUI select Log Collector mode and then commit changes.

  4. Enter the command logger-mode enable the enter to confirm the change to Log Collector mode.

  5. Log in the Panorama CLI of the dedicated Log Collector

Correct Answer: BE

Explanation: https://www.paloaltonetworks.com/documentation/60/panorama/panorama_adminguide/set-up- panorama/set-up-the-m-100-appliance

Question No.195

Which three options does the WF-500 appliance support for local analysis? (Choose three)

  1. E-mail links

  2. APK files

  3. jar files

  4. PNG files

  5. Portable Executable (PE) files

Correct Answer: ACE

Question No.196

A network design change requires an existing firewall to start accessing Palo Alto Updates from a data plane interface address instead of the management interface. Which configuration setting needs to be modified?

  1. Service route

  2. Default route

  3. Management profile

  4. Authentication profile

Correct Answer: A

Question No.197

How are IPV6 DNS queries configured to user interface ethernet1/3?

  1. Network gt; Virtual Router gt; DNS Interface

  2. Objects gt;CustomerObjects gt; DNS

  3. Network gt; Interface Mgrnt

  4. Device gt; Setup gt; Services gt; Service Route Configuration

Correct Answer: D

Question No.198

Which three rule types are available when defining policies in Panorama? (Choose three.)

  1. Pre Rules

  2. Post Rules

  3. Default Rules

  4. Stealth Rules

  5. Clean Up Rules

Correct Answer: ABC


https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/panorama-web- interface/defining-policies-on-panorama

Question No.199

When using the predefined default profile, the policy will inspect for viruses on the decoders. Match each decoder with its default action. Answer options may be used more than once or not at all.


Correct Answer:


Question No.200

Which two interface types can be used when configuring GlobalProtect Portal? (Choose two)

  1. Virtual Wire

  2. Loopback

  3. Layer 3

  4. Tunnel

Correct Answer: BC

Get Full Version of the Exam

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com