[Free] 2019(Nov) EnsurePass Palo Alto Networks PCNSE Dumps with VCE and PDF 31-40

Get Full Version of the Exam

Question No.31

A customer wants to combine multiple Ethernet interfaces into a single virtual interface using link aggregation. Which two formats are correct for naming aggregate interfaces? (Choose two.)

  1. ae.8

  2. aggregate.1

  3. ae.1

  4. aggregate.8

Correct Answer: AC

Question No.32

A session in the Traffic log is reporting the application as quot;incomplete.quot; What does quot;incompletequot; mean?

  1. The three-way TCP handshake was observed, but the application could not be identified.

  2. The three-way TCP handshake did not complete.

  3. The traffic is coming across UDP, and the application could not be identified.

  4. Data was received but was instantly discarded because of a Deny policy was applied before App- IDcould be applied.

Correct Answer: B

Question No.33

Which feature prevents the submission of corporate login information into website forms?

  1. Data filtering

  2. User-ID

  3. File blocking

  4. Credential phishing prevention

Correct Answer: D


https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform- contributes-to-gdpr-compliance

Question No.34

A client has a sensitive application server in their data center and is particularlyconcerned about session flooding because of denial of-service attacks. How can the Palo Alto Networks NGFW be configured to specifically protect this server against session floods originating from a single IP address?

  1. Define a custom App-ID to ensure that only legitimate application traffic reaches the server

  2. Add QoS Profiles to throttle incoming requests

  3. Add a tuned DoS Protection Profile

  4. Add an Anti-Spyware Profile to block attacking IP address

Correct Answer: C

Question No.35

A company needs to preconfigure firewalls to be sent to remote sites with the least amount of reconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data centers. Which VPN configuration would adapt to changes when deployed to the future site?

  1. Preconfigured GlobalProtect satellite

  2. Preconfigured GlobalProtectclient

  3. Preconfigured IPsec tunnels

  4. Preconfigured PPTP Tunnels

Correct Answer: A

Question No.36

Decrypted packets from the website https://www.microsoft.com will appear as which application and service within the Traffic log?

  1. web-browsing and 443

  2. SSL and 80

  3. SSL and 443

  4. web-browsing and 80

Correct Answer: A

Question No.37

Which DoS protection mechanism detects and prevents session exhaustion attacks?

  1. Packet Based Attack Protection

  2. Flood Protection

  3. Resource Protection

  4. TCP Port Scan Protection

Correct Answer: C



Question No.38

Refer to the exhibit. Which certificates can be used as a Forwarded Trust certificate?


  1. Certificate fromDefault Trust Certificate Authorities

  2. Domain Sub-CA

  3. Forward_Trust

  4. Domain-Root-Cert

Correct Answer: A

Question No.39

How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

  1. Configure the option for quot;Thresholdquot;.

  2. Disable automatic updates during weekdays.

  3. Automatically quot;download onlyquot; and then install Applications and Threats later, after the administrator approves the update.

  4. Automatically quot;download and installquot; but with the quot;disable new applicationsquot; option used.

Correct Answer: A

Question No.40

An administrator has been asked to configure a Palo Alto Networks NGFW to provide protection against external hosts attempting to exploit a flaw in an operating system on an internal system. Which Security Profile type will prevent this attack?

  1. Vulnerability Protection

  2. Anti-Spyware

  3. URL Filtering

  4. Antivirus

Correct Answer: A


https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/objects/objects- security-profiles-vulnerability-protection

Get Full Version of the Exam

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com