CertsTopics Logo

Month End Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

PCNSE Questions Bank

Page: 2 / 22
Total 294 questions
Get PCNSE Full Access Download PCNSE PDF

Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 11.0 Questions and Answers

Question 5

What are three prerequisites for credential phishing prevention to function? (Choose three.)

Options:

A.

In the URL filtering profile, use the drop-down list to enable user credential detection.

B.

Enable Device-ID in the zone.

C.

Select the action for Site Access for each category.

D.

Add the URL filtering profile to one or more Security policy rules.

E.

Set phishing category to block in the URL Filtering profile.

Question 6

Given the following configuration, which route is used for destination 10 10 0 4?

Options:

A.

Route 2

B.

Route 3

C.

Route 1

D.

Route 4

Question 7

A network engineer troubleshoots a VPN Phase 2 mismatch and decides that PFS (Perfect Forward Secrecy) needs to be enabled. What action should the engineer take?

Options:

A.

Enable PFS under the IKE gateway advanced options.

B.

Enable PFS under the IPSec Tunnel advanced options.

C.

Add an authentication algorithm in the IPSec Crypto profile.

D.

Select the appropriate DH Group under the IPSec Crypto profile.

Question 8

An administrator receives the following error message:

"IKE phase-2 negotiation failed when processing Proxy ID. Received local id 192.168 33 33/24 type IPv4 address protocol 0 port 0, received remote id 172.16 33.33/24 type IPv4 address protocol 0 port 0."

How should the administrator identify the root cause of this error message?

Options:

A.

In the IKE Gateway configuration, verify that the IP address for each VPN peer is accurate

B.

Verify that the IP addresses can be pinged and that routing issues are not causing the connection failure

C.

Check whether the VPN peer on one end is set up correctly using policy-based VPN

D.

In the IPSec Crypto profile configuration, verify that PFS is either enabled on both VPN peers or disabled on both VPN peers.

Page: 2 / 22
Total 294 questions
Get PCNSE Full Access Download PCNSE PDF