PCNSE Online Practice Questions and Answers

Cortex XDR notifies an administrator about grayware on the endpoints.

There are no entnes about grayware in any of the logs of the corresponding firewall.

Which setting can the administrator configure on the firewall to log grayware verdicts?

A. within the log settings option in the Device tab

B. within the log forwarding profile attached to the Security policy rule

C. in WildFire General Settings, select "Report Grayware Files"

D. in Threat General Settings^ select "Report Grayware Files"

What is a key step in implementing WildFire best practices?

A. In a mission-critical network, increase the WildFire size limits to the maximum value

B. In a security-first network set the WildFire size limits to the minimum value

C. Configure the firewall to retrieve content updates every minute

D. Ensure that a Threat Prevention subscription is active

Which two features can be used to tag a username so that it is included in a dynamic user group? (Choose two)

A. log forwarding auto-tagging

B. GlobafProtect agent

C. User-ID Windows-based agent

D. XML API

To more easily reuse templates and template slacks , you can create term plate variables in place of firewall-specific and appliance-specific IP literals in your configurations.

Which one is the correct configuration?

A. @Panorama

B. #Pancrama

C. andPanorama

D. $Panorama

Which virtual router feature determines if a specific destination IP address is reachable?

A. Heartbeat Monitoring

B. Failover

C. Path Monitoring

D. Ping-Path

YouTube videos are consuming too much bandwidth on the network, causing delays in mission-critical traffic. The administrator wants to throttle YouTube traffic. The following interfaces and zones are in use on the firewall:

*

ethernet1/1, Zone: Untrust (Internet-facing)

*

ethernet1/2, Zone: Trust (client-facing)

A QoS profile has been created, and QoS has been enabled on both interfaces. A QoS rule exists to put the YouTube application into QoS class 6. Interface Ethernet1/1 has a QoS profile called Outbound, and interface Ethernet1/2 has a QoS profile called Inbound.

Which setting for class 6 with throttle YouTube traffic?

A. Outbound profile with Guaranteed Ingress

B. Outbound profile with Maximum Ingress

C. Inbound profile with Guaranteed Egress

D. Inbound profile with Maximum Egress

Which type of interface does a firewall use to forward decrypted traffic to a security chain for inspection?

A. Layer 1

B. Layer 3

C. Tap

D. Decryption Mirror

An engineer needs to redistribute User-ID mappings from multiple data centers. Which data flow best describes redistribution of user mappings?

A. Domain Controller to User-ID agent

B. User-ID agent to Panorama

C. User-ID agent to firewall

D. firewall to firewall

A network security administrator wants to enable Packet-Based Attack Protection in a Zone Protection profile.

What are two valid ways to enable Packet-Based Attack Protection? (Choose two.)

A. ICMP Drop

B. TCP Drop

C. TCP Port Scan Block

D. SYN Random Early Drop

After switching to a different WAN connection, users have reported that various websites will not load, and timeouts are occurring. The web servers work fine from other locations.

The firewall engineer discovers that some return traffic from these web servers is not reaching the users behind the firewall. The engineer later concludes that the maximum transmission unit (MTU) on an upstream router interface is set to

1400 bytes.

The engineer reviews the following CLI output for ethernet1/1.

Which setting should be modified on ethernet1/1 to remedy this problem?

A. Change the subnet mask from /23 to /24.

B. Lower the interface MTU value below 1500.

C. Adjust the TCP maximum segment size (MSS) value.

D. Enable the Ignore IPv4 Don't Fragment (DF) setting.