[Free] Download New Updated (April 2016) Palo Alto Networks PCNSE6 Actual Tests 11-20

Ensurepass

QUESTION 11

To properly configure DOS protection to limit the number of sessions individually from specific source IPs you would configure a DOS Protection rule with the following characteristics:

 

A.

Action: Protect, Classified Profile with “Resources Protection” configured, and Classified Address with “source-ip-only” configured

B.

Action: Deny, Aggregate Profile with “Resources Protection” configured

C.

Action: Protect, Aggregate Profile with “Resources Protection” configured

D.

Action: Deny, Classified Profile with “Resources Protection” configured, and Classified Address with “source-ip-only” configured

 

Correct Answer: A

 

 

QUESTION 12

When an interface is in Tap mode and a policy action is set to block, the interface will send a TCP reset.

 

A.

True

B.

False

 

Correct Answer: B

 

 

QUESTION 13

Users can be authenticated serially to multiple authentication servers by configuring:

 

A.

Multiple RADIUS Servers sharing a VSA configuration

B.

Authentication Sequence

C.

Authentication Profile

D.

A custom Administrator Profile

 

Correct Answer: B

 

 

QUESTION 14

What are two sources of information for determining if the firewall has been successful in communicating with an external User-ID Agent?

 

A.

System Logs and the indicator light under the User-ID Agent settings in the firewall

B.

There’s only one location – System Logs

C.

There’s only one location – Traffic Logs

D.

System Logs and indicator light on the chassis

 

Correct Answer: A

 

 

QUESTION 15

It is discovered that WebandNetTrends Unlimited’s new web server software produces traffic that the Palo Alto Networks firewall sees as “unknown-tcp” traffic. Which two configurations would identify the application while preserving the ability of the firewall to perform content and threat detection on the traffic? Choose 2 answers

 

A.

A custom application, with a name properly describing the new web server s purpose

B.

A custom application and an application override policy that assigns traffic going to and from the web server to the custom application

C.

An application override policy that assigns the new web server traffic to the built-in application “web-browsing”

D.

A custom application with content and threat detection enabled, which includes a signature, identifying the new web server s traffic

 

Correct Answer: AB

 

 

QUESTION 16

By default, all PA-5060 syslog data is forwarded out the Management interface. What needs to be configured in order to send syslog data out of a different interface?

 

A.

Configure Service Route Only for Threats and URL Filtering, and the traffic will use the same route.

B.

Configure an Interface Management Profile and apply it to the interface that the syslogs will be sent through.

C.


Configure a Service Route for the Syslog service to use a dataplane interface.

D.

Create a Log-Forwarding Profile that points to the device that will receive the syslogs.

 

Correct Answer: C

Explanation:

https://www.paloaltonetworks.com/documentation/60/pan-os/pan-os/reports-and-logging/define-remote-logging-destinations.html

 

 

QUESTION 17

When configuring Security rules based on FQDN objects, which of the following statements are true?

 

A.

The firewall resolves the FQDN first when the policy is committed, and is refreshed each time Security rules are evaluated.

B.

The firewall resolves the FQDN first when the policy is committed, and is refreshed at TTL expiration. There is no limit on the number of IP addresses stored for each resolved FQDN.

C.

In order to create FQDN-based objects, you need to manually define a list of associated IP. Up to 10 IP addresses can be configured for each FQDN entry.

D.

The firewall resolves the FQDN first when the policy is committed, and is refreshed at TTL expiration. The resolution of this FQDN stores up to 10 different IP addresses.

 

Correct Answer: C

QUESTION 18

When allowing an Application in a Security policy on a PAN-OS 5.0 device, would a dependency Application need to also be enabled if the application does not employ HTTP, SSL, MSRPC, RPC, t.120, RTSP, RTMP, and NETBIOS-SS.

 

A.

Yes

B.

No

 

Correct Answer: A

 

 

QUESTION 19

What happens at the point of Threat Prevention license expiration?

 

A.

Threat Prevention no longer updated; existing database still effective

B.

Threat Prevention is no longer used; applicable traffic is allowed

C.

Threat Prevention no longer used; applicable traffic is blocked

D.

Threat Prevention no longer used; traffic is allowed or blocked by configuration per Security Rule

 

Correct Answer: A

 

 

QUESTION 20

Which fields can be altered in the default Vulnerability Protection Profile?

 

A.

Category

B.

Severity

C.

None

D.

Both A and B

 

Correct Answer: C

 

Free VCE & PDF File for Palo Alto Networks PCNSE6 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …