Palo Alto Networks Certified Network Security Engineer (PAN-OS 10.0) Exam Practice Test

Page: 1 / 14
Total 455 questions

Question 1

Which two virtualized environments support Active/Active High Availability (HA) in PAN-OS 8.0? (Choose two.)



Answer : A, B

Question 2

Which two actions are required to make Microsoft Active Directory users appear in a firewall traffic log? (Choose two.)



Answer : A, D

Question 3

A distributed log collection deployment has dedicated log Collectors. A developer needs a device to send logs to Panorama instead of sending logs to the Collector Group.

What should be done first?



Answer : C

Question 4

Which Device Group option is assigned by default in Panorama whenever a new device group is created to manage a Firewall?



Answer : C

Question 5

Refer to Exhibit:

A firewall has three PDF rules and a default route with a next hop of 172.29.19.1 that is configured in the default VR. A user named XX-bes a PC with a 192.168.101.10 IP address.

He makes an HTTPS connection to 172.16.10.29.

What is the next hop IP address for the HTTPS traffic from Wills PC.



Answer : B

Question 6

Company.com has an in-house application that the Palo Alto Networks device doesn't identify correctly. A Threat Management Team member has mentioned that this in-house application is very sensitive and all traffic being identified needs to be inspected by the Content-ID engine.

Which method should company.com use to immediately address this traffic on a Palo Alto Networks device?



Answer : D

Question 7

A company has a web server behind a Palo Alto Networks next-generation firewall that it wants to make accessible to the public at 1.1.1.1. The company has decided to configure a destination NAT Policy rule.

Given the following zone information:

* DMZ zone: DMZ-L3

* Public zone: Untrust-L3

* Guest zone: Guest-L3

* Web server zone: Trust-L3

* Public IP address (Untrust-L3): 1.1.1.1

* Private IP address (Trust-L3): 192.168.1.50

What should be configured as the destination zone on the Original Packet tab of NAT Policy rule?



Answer : A

Page:    1 / 14   
Total 455 questions