Palo Alto Networks PCNSC Exam Practice Test Instant Access

Question 1

Your customer believes that the Panorama appliance is being overwhelmed by the logs from deployed Palo Alto Networks Next-Generation Firewalls. What CLl command can you run to determine the number of logs per second sent by each firewall?

Adebug log-sender statistics

Blogging status

Cshow log traffic

Ddebug log-receiver statistics

Answer : D

To determine the number of logs per second sent by each firewall to a Panorama appliance, the appropriate CLI command to use is:

D . debug log-receiver statistics

This command provides detailed statistics about the logs being received by the Panorama, including the rate at which logs are being sent by each connected firewall. This information can help identify whether the Panorama is being overwhelmed by the volume of logs and which firewalls are contributing the most to the log traffic.

Palo Alto Networks - CLI Commands for Troubleshooting Panorama: https://docs.paloaltonetworks.com

Palo Alto Networks - Managing Logs and Log Forwarding: https://knowledgebase.paloaltonetworks.com

Question 2

A firewall that was previously connected lo a User-ID agent server now shows disconnected What is the likely cause?

AThe server has stopped listening on port 2010

BThe Domain Controller service account has been locked out

CThe agent is not running

DThe firewall was upgraded to a PAN-OS version that is not compatible with the agent version

Answer : D

If a firewall that was previously connected to a User-ID agent server now shows disconnected, the likely cause is:

D . The firewall was upgraded to a PAN-OS version that is not compatible with the agent version

When a firewall is upgraded to a new version of PAN-OS, there can be compatibility issues with the existing User-ID agent if it is not updated accordingly. This can result in the firewall being unable to communicate with the User-ID agent, showing it as disconnected.

Palo Alto Networks - User-ID Agent Compatibility: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/user-id/user-id-agent

Question 3

Which of the following WildFire action settings will ensure that a malicious file is quarantined and prevented from spreading?

AAlert

BAllow

CBlock

DReset-Both

Answer : C

Question 4

What feature should be used to decrypt and inspect inbound SSL traffic without having to install a certificate on the client devices?

ASSL Inbound Inspection

BSSL Outbound Inspection

CSSL Forward Proxy

DSSL Reverse Proxy

Answer : D

Question 5

What is the maximum number of virtual systems supported by a Palo Alto Networks VM-300 firewall?

A10

Answer : B

Question 6

Which two log types are necessary to fully investigate a network intrusion? (Choose two)

AURL Filtering log

BTraffic log

CThreat log

DSystem log

Answer : B, C

Question 7

Which CLI command is used to verify the high availability state of a Palo Alto Networks firewall?

Ashow high-availability state

Bshow ha state

Cshow ha status

Dshow high-availability status

Answer : C

Palo Alto Networks Certified Network Security Consultant PCNSC Exam Practice Test