Palo Alto Networks Certified Network Security Engineer 6 - PCNSE6 Exam Questions
QUESTION NO: 1
A company wants to run their pair of PA-200 firewalls in a High Availability Active/Passive configuration and will be using HA-Lite.
Which capability can be used in this situation?
A company wants to run their pair of PA-200 firewalls in a High Availability Active/Passive configuration and will be using HA-Lite.
Which capability can be used in this situation?
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 2
Which URL Filtering Security Profile action logs the URL Filtering category to the URL Filtering log?
Which URL Filtering Security Profile action logs the URL Filtering category to the URL Filtering log?
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
Which mechanism is used to trigger a High Availability (HA) failover if a firewall interface goes down?
Which mechanism is used to trigger a High Availability (HA) failover if a firewall interface goes down?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 4
It is discovered that WebandNetTrends Unlimited's new web server software produces traffic that the Palo Alto Networks firewall sees as "unknown-tcp" traffic.
Which two configurations would identify the application while preserving the ability of the firewall to perform content and threat detection on the traffic? Choose 2 answers
It is discovered that WebandNetTrends Unlimited's new web server software produces traffic that the Palo Alto Networks firewall sees as "unknown-tcp" traffic.
Which two configurations would identify the application while preserving the ability of the firewall to perform content and threat detection on the traffic? Choose 2 answers
Correct Answer: A,B
QUESTION NO: 5
HOTSPOT
Within a Zone Protection Profile, under the Reconnaissance Protection tab, there are several possible values for Action:
Match each Reconnaissance Protection Action to its description. Answer options may be used more than once or not at all.
HOTSPOT
Within a Zone Protection Profile, under the Reconnaissance Protection tab, there are several possible values for Action:
Match each Reconnaissance Protection Action to its description. Answer options may be used more than once or not at all.
Correct Answer:
Explanation:
Allow: Permits the port scan attempts.
Alert: Generates an alert for each scan that matches the threshold within the specified time
interval.
Block: Drops all traffic from the source to the destination.
Block IP: Drops all traffic for a specific period of time (in seconds). There are two options:
Source: Blocks traffic from the source
Source-and-Destination: Blocks traffic for the source-destination pair https://live.paloaltonetworks.com/servlet/JiveServlet/previewBody/5078-102-514892/Understanding_DoS_Protection.pdf
QUESTION NO: 6
HOTSPOT
Match each type of report provided by the firewall with its description. Answer options may be used more than once or not at all.
HOTSPOT
Match each type of report provided by the firewall with its description. Answer options may be used more than once or not at all.
Correct Answer:
Explanation:
PDF Summary Reports - Reports that combine up to 18 custom or predefined reports from the Threat, Application, Traffic, URL Filtering Categories into one document. Report Groups - Reports the combine other custom and predefined reports into a single file to be emailed to one or more recipients. Custom Reports - Reports created by an administrator that filter on conditions and columns User or Groups Activity Reports - Reports on the application use and URL activity for a specific user or a group
Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworkscom/en_US/assets/pdf/framemaker/61/panorama/Panorama_AdminGuide/section_6.pdf page 151
