Palo Alto Networks Certified Network Security Consultant Exam Practice Test

Page: 1 / 14
Total 75 questions

Question 1

Which processing order will be enabled when a panorama administrator selects the setting "Objects defined in ancestors will takes higher precedence?



Answer : B

Question 2

An administrator deploys PA-500 NGFWs as an active/passive high availability pair . The devices are not participating in dynamic router and preemption is disabled.

What must be verified to upgrade the firewalls to the most recent version of PAN OS software?



Answer : B

Question 3

Which prerequisite must be satisfied before creating an SSH proxy Decryption policy?



Answer : A

Question 4

A web server is hosted in the DMZ and the server re configured to listen for income connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server host its contents over Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.

Which combination of service and application, and order of Security policy rules needs to be configured to allow cleaned web-browsing traffic to the server on tcp/443?



Answer : C

Question 5

Which administrative authentication method supports authorization by an external service?



Answer : B

Question 6

Which administrative authentication method supports authorization by an external service?



Answer : A

Question 7

Which two benefits come from assigning a Decrypting Profile to a Decryption rule with a'' NO Decrypt'' action? (Choose two.)



Answer : B, E

Page:    1 / 14   
Total 75 questions