Palo Alto Networks PCNSC Exam Questions Instant Access

Question 1

Which of the following is NOT a benefit of using App-ID?

AIdentifies applications running on non-standard ports

BBlocks application traffic that uses dynamic ports

CReduces the attack surface by allowing only required applications

DEnsures consistent bandwidth allocation for all applications

Answer : D

Question 2

In preparation for a cutover event, what two processes or procedures should be verified? (Choose two)

Aauditing

Bchange management requirements

Croles and responsibilities

Dlogging and reporting

Answer : B, C

For any cutover event, especially when dealing with network security infrastructure like Palo Alto Networks firewalls, it is critical to ensure that:

Change Management Requirements (B): This involves verifying that all planned changes have been approved, documented, and communicated to all relevant stakeholders. The change management process ensures that any modifications are controlled, predictable, and include a rollback plan in case of issues. Reference: Palo Alto Networks Best Practices for Change Management Documentation.

Roles and Responsibilities (C): Clearly defined roles and responsibilities ensure that everyone involved knows their specific tasks during the cutover. This reduces confusion, ensures accountability, and helps in the smooth execution of the cutover plan. It includes defining who is responsible for specific tasks, who needs to be notified, and who has the authority to make decisions. Reference: Palo Alto Networks Operational Best Practices Documentation.

Question 3

A customer has a pair of Panorama HA appliances tunning local log collectors and wants to have log redundancy on logs forwarded from firewalls Which two configuration options fulfill the customer's requirement for log redundancy? (Choose two)

APanorama operational mode needs to be Dedicated Log Collector

BLog redundancy must be enabled per Collector Group

CA Collector Group must contain at least two Log Collectors

DPanorama configured in HA provides log redundancy

Answer : B, C

To fulfill the customer's requirement for log redundancy on logs forwarded from firewalls in a Panorama HA setup, the following configuration options are necessary:

B . Log redundancy must be enabled per Collector Group: This ensures that logs are redundantly stored across multiple log collectors within the same collector group.

C . A Collector Group must contain at least two Log Collectors: For log redundancy to work, there must be at least two log collectors in the collector group so that if one log collector fails, the other can continue to collect logs.

These configurations ensure that log data is replicated across multiple log collectors, providing redundancy and resilience in the event of a failure.

Palo Alto Networks - Configure Log Forwarding and Redundancy: https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/manage-log-collection/configure-log-forwarding-and-redundancy

Palo Alto Networks - Panorama High Availability: https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-high-availability

Question 4

Which category of Vulnerability Signatures is most likely to trigger false positive alerts?

Acode-execution

Bphishing

Cinfo-leak

Dbrute-force

Answer : C

The category of Vulnerability Signatures that is most likely to trigger false positive alerts is:

C . info-leak

Information leakage signatures are designed to detect attempts to access or disclose sensitive information. These signatures can be prone to false positives because benign activities or legitimate data transmissions can sometimes be mistakenly identified as information leaks.

Palo Alto Networks - Managing False Positives in Threat Prevention: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/threat-prevention/manage-false-positives-in-threat-prevention

Palo Alto Networks - Vulnerability Protection: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/threat-prevention/vulnerability-protection

Question 5

What is the maximum number of virtual systems supported by a Palo Alto Networks VM-300 firewall?

A10

Answer : B

Question 6

A customer has deployed a GlobalProtect portal and gateway as its remote-access VPN solution for its fleet of Windows 10 laptops

The customer wants to use Host information Profile (HIP) data collected at the GlobalProtect gateway throughout its enterprise as an additional means of policy enforcement

What additional licensing must the customer purchase?

ADNS Security on the perimeter firewall

BGlobalProtect license for each firewall that will use HIP data to enforce policy

CWildFire license

DGlobalProtect license for the gateway firewall

Answer : B

To utilize Host Information Profile (HIP) data collected at the GlobalProtect gateway for policy enforcement throughout the enterprise, the customer needs to purchase a GlobalProtect license for each firewall that will use HIP data to enforce policy. The GlobalProtect license enables the firewall to collect and use HIP data to create policies based on the security posture of the endpoints.

Palo Alto Networks - GlobalProtect Licensing: https://docs.paloaltonetworks.com/globalprotect/10-0/globalprotect-admin/globalprotect-licenses

Question 7

Which touting configuration should you recommend lo a customer who wishes lo actively use multiple pathways to the same destination?

AOSPF

BECMP

CBGP

DRlPv2

Answer : B

For a customer who wishes to actively use multiple pathways to the same destination, the recommended routing configuration is:

B . ECMP (Equal-Cost Multi-Path)

ECMP allows the use of multiple paths to the same destination with equal cost metrics, enabling load balancing and redundancy. It is suitable for scenarios where multiple pathways are desired for traffic distribution and fault tolerance.

Palo Alto Networks - ECMP Overview: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-networking-admin/ecmp

Palo Alto Networks - Configuring ECMP: https://knowledgebase.paloaltonetworks.com

Palo Alto Networks Certified Network Security Consultant PCNSC Exam Questions