• Home
  • Blogs
  • Free 2021 Paloalto Certifications and Accreditations PCNSC dumps are available by Actual4Cert [Q23-Q40]

Free 2021 Paloalto Certifications and Accreditations PCNSC dumps are available by Actual4Cert [Q23-Q40]

Share

Free 2021 Paloalto Certifications and Accreditations PCNSC dumps are available on Google Drive shared by Actual4Cert

Welcome to download the newest Actual4Cert PCNSC PDF dumps: https://www.actual4cert.com/PCNSC-real-questions.html ( 74  Q&As)

NEW QUESTION 23
Winch three steps will reduce the CPU utilization on the management plane? (Choose three. ) Disable logging at session start in Security policies.

  • A. Disable SNMP on the management interface.
  • B. Disable predefined reports.
  • C. Application override of SSL application.
  • D. Reduce the traffic being decrypted by the firewall.

Answer: A,B,D

 

NEW QUESTION 24
An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs.
The administrator assigns priority 100 to the active firewall.
Which priority is collect tot the passive firewall?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

 

NEW QUESTION 25
The administrator has enabled BGP on a virtual router on the Palo Alto Networks NGFW, but new routes do not seem to be populating the virtual router.
Which two options would help the administrator Troubleshoot this issue? (Choose two.)

  • A. View the ACC lab to isolate routing issues.
  • B. View the Runtime Stats and look for problems with BGP configuration
  • C. View the System logs and look for error messages about BGP
  • D. Perform a traffic pcap on the NGFW lo see any BGP problems

Answer: A,B

 

NEW QUESTION 26
VPN traffic intended for an administrator's Palo Alto Networks NGfW is being maliciously intercepted and retransmitted by the interceptor. When Creating a VPN tunnel, which protection profile cm be enabled to prevent this malicious behavior?

  • A. DoS Protection
  • B. zone Protection
  • C. Replay
  • D. Web Application

Answer: B

 

NEW QUESTION 27
Which feature prevents the submission of login information into website froms?

  • A. file blocking
  • B. User-ID
  • C. data filtering
  • D. credential phishing prevention

Answer: D

 

NEW QUESTION 28
A user's traffic traversing a Palo Alto Networks NGFW sometime can reach http//www company com At the session times out.
The NGFW has been configured with a PBF rule that the user's traffic matches when it goes to http //www company com.
How con the firewall be configured to automatically disable the PBF rule if the next hop goes down?

  • A. Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  • B. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
  • C. Enable and configure a Link Monitoring Profile for the external interface of the firewall.
  • D. Configure path monitoring for tine next hop gateway on the default route in tin- virtual router.

Answer: B

 

NEW QUESTION 29
Which version of Global Protect supports split tunneling based on destination domain, client process, and HTTP/HTTPs video streaming application?

  • A. Glovbalprotect version 4.1 with PAn-OS 8.1
  • B. Glovbalprotect version 4.0 with PAn-OS 8.1
  • C. Glovbalprotect version 4.1 with PAn-OS 8.0
  • D. Glovbalprotect version 4.0 with PAn-OS 8.0

Answer: B

 

NEW QUESTION 30
Which administrative authentication method supports authorization by an external service?

  • A. SSH keys
  • B. Certification
  • C. LDAP
  • D. RADIUS

Answer: A

 

NEW QUESTION 31
Which Captive Portal mode must be contoured to support MFA authentication?

  • A. Redirect
  • B. NTLM
  • C. Transparent
  • D. Single Sign-On

Answer: A

 

NEW QUESTION 32
An administrator has been asked to configure active/active HA for a pair of Palo Alto Networks NGFWs. The firewalls use layer 3 interface to send traffic to a single gateway IP for the pair.
Which configuration will enable this HA scenario?

  • A. Each firewall will have a separate floating IP. and priority will determine which firewall has the primary IP.
  • B. The firewalls will share the same interface IP address, and device 1 will use the floating IP if device 0 fails.
  • C. The firewall do not use floating IPs in active/active HA.
  • D. The two firewalls will share a single floating IP and will use gratuitous ARP to share the floating IP.

Answer: A

 

NEW QUESTION 33
Which three file types can be forward to WildMFire for analysis a part of the basic WildMFire service?

  • A. .dil
  • B. .apk
  • C. .exe
  • D. .jar
  • E. .pdf
  • F. .fon

Answer: B,D,E

 

NEW QUESTION 34
Which User-ID method should b configured to map addresses to usernames for users connected through a terminal server?

  • A. port mapping
  • B. server monitoring
  • C. XFF header
  • D. Client probing

Answer: A

 

NEW QUESTION 35
How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?

  • A. Enable all four stage of traffic capture (TX, RX, DROP, Firewall)
  • B. Use the tcpdump command
  • C. USe the debug dataplane packet-dia set capture stage firewall file command
  • D. Use the debug dataplane packet-diag set capture stage management file command

Answer: B

 

NEW QUESTION 36
What should an administrator consider when planning to revert Panorama to a pre-PAN-OS 8.1 version?

  • A. When Panorama is reverted to an earlier PAN-OS release, variable used in template stacks will be removed authentically.
  • B. An administrator must use the Expedition tool to adapt the configuration to the pre-pan-OS 8.1 state.
  • C. Panorama cannot be reverted to an earlier PAN-OS release if variables are used in templates or stacks.
  • D. Administrators need to manually update variable characters to those to used in pre-PAN-OS 8.1.

Answer: C

 

NEW QUESTION 37
What are two benefits of nested device groups in panorama? (Choose two )

  • A. reuse of the existing Security policy rules and objects
  • B. requires configuration both function and location for every device
  • C. overwrites local firewall configuration
  • D. all device groups inherit setting from the Shared group

Answer: B,D

 

NEW QUESTION 38
Which two methods can be used to verify firewall connectivity to Autofocus? (Choose two. )

  • A. Check the WebUl Dashboard Autofocus widget
  • B. Check for WildFire forwarding logs.
  • C. Verify AutoFocus is enabled below Device Management tab
  • D. Check the license
  • E. Verify AutoFocus status using the CLI "test"command.

Answer: A,D

 

NEW QUESTION 39
Which method will dynamically register tags on the Palo Alto Networks NGFW?

  • A. Restful API or the VMware API on the firewall or on the User.-D agent or the ready -only domain controller
  • B. XML- API or lite VM Monitoring agent on the NGFW or on the User- ID agent
  • C. Restful API or the VMware API on the firewall or on the User-ID Agent
  • D. XML API or the VMware API on the firewall on the User-ID agent or the CLI

Answer: B

 

NEW QUESTION 40
......

Tested Material Used To PCNSC: https://www.actual4cert.com/PCNSC-real-questions.html

Following are some new PCNSC Real Exam Questions!: https://drive.google.com/open?id=15NjKFLzqM6fjdfdrAYBuZT6RWSI3rmRb

Related Blogs

more
Palo Alto Networks PCNSC Certification Practice Exam

Copyright © 2026 ACTUAL4CERT.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.