Palo Alto Networks Certified Network Security Engineer (PAN-OS 10.0) Exam Practice Test

Page: 1 / 14
Total 244 questions

Question 1

Which GlobalProtect gateway selling is required to enable split-tunneling by access route, destination domain, and application?

Answer : B

Question 2

Which log type will help the engineer verify whether packet buffer protection was activated?

Answer : C

Question 3

An engineer discovers the management interface is not routable to the User-ID agent

What configuration is needed to allow the firewall to communicate to the User-ID agent?

Answer : C

Question 4

Which three methods are supported for split tunneling in the GlobalProtect Gateway? (Choose three.)

Answer : B, C, E

Question 5

An engineer is tasked with configuring SSL forward proxy for traffic going to external sites.

Which of the following statements is consistent with SSL decryption best practices?

Answer : B

Question 6

An engineer creates a set of rules in a Device Group (Panorama) to permit traffic to various services for a specific LDAP user group.

What needs to be configured to ensure Panorama can retrieve user and group information for use in these rules?

Answer : A

Question 7

After importing a pre-configured firewall configuration to Panorama, what step is required to ensure a commit/push is successful without duplicating local configurations?

Answer : C

Page:    1 / 14   
Total 244 questions