PCNSC無料問題集「Palo Alto Networks Certified Network Security Consultant」

質問 1

Your customer believes that the Panorama appliance is being overwhelmed by the logs from deployed Palo Alto Networks Next-Generation Firewalls.What CLl command can you run to determine the number oflogs per second sent by each firewall?

（A）logging status

（B）debug log-receiver statistics

（C）debug log-sender statistics

（D）show log traffic

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

How can you ensure that a Palo Alto Networks firewall does not block traffic during a software update?

（A）Configure session synchronization

（B）Enable the Suspend Traffic During Upgrade option

（C）Schedule the upgrade during a maintenance window

（D）Use the High Availability feature

正解：C 解答を投票する

質問 3

A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an "allow any" rule What should the consultant say about Expedition?

（A）By using the Machine Learning feature Expedition can parse the traffic log files related to the polcy and extract security rules for matching traffic

（B）Expedition cannot parse log files and therefore cannot be used for this purpose

（C）Live firewall traffic can be viewed on Expedition when connected to a firewall, and Expedition can automatically create and push policies to the firewall

（D）The log files can be viewed on Expedition, and right-clicking a log entry gives the option to create security policy from the log entry.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which GlobalProtect feature ensures that only trusted endpoints can connect to the network?

（A）Host Information Profile (HIP)

（B）User-ID

（C）SSL Decryption

（D）App-ID

正解：A 解答を投票する

質問 5

What is the default port used by the Terminal Services agent to communicate with a firewall?

（A）636

（B）5009

（C）5007

（D）443

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

TAC has requested a PCAP on your Panorama lo see why the DNS app is having intermittent issues resolving FODN What is the appropriate CLI command1*

（A）tcpdump snaplen 53 filter "port 53"

（B）tcp dump snaplen 53 filter "tcp 53"

（C）tcp dump snap-en 0 filter "app dns"

（D）tcpdump snaplen 0 filter "port 53"

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

PCNSC 無料問題集「Palo Alto Networks Certified Network Security Consultant」

弊社を連絡する

関連リンク

トップ試験