PCNSE無料問題集「Palo Alto Networks Certified Network Security Engineer」

質問 1

A network security administrator has been tasked with deploying User-ID in their organization.
What are three valid methods of collecting User-ID information in a network? (Choose three.)

正解：B、C、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

An administrator needs to identify which NAT policy is being used for internet traffic.
From the Monitor tab of the firewall GUI, how can the administrator identify which NAT policy is in use for a traffic flow?

（A）Click Traffic view and review the information in the detailed log view.

（B）Click Session Browser and review the session details.

（C）Click Traffic view; ensure that the Source or Destination NAT columns are included and review the information in the detailed log view.

（D）Click App Scope > Network Monitor and filter the report for NAT rules.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Which operation will impact the performance of the management plane?

（A）Decrypting SSL sessions

（B）Enabling DoS protection

（C）Enabling packet buffer protection

（D）Generating a SaaS Application report

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Given the following snippet of a WildFire submission log, did the end user successfully download a file?

（A）Yes, because the final action is set to "allow.''

（B）Yes, because both the web-browsing application and the flash file have the 'alert" action.

（C）No, because the URL generated an alert.

（D）No, because the action for the wildfire-virus is "reset-both."

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Why would a traffic log list an application as "not-applicable"?

（A）The TCP connection terminated without identifying any application data

（B）The application is not a known Palo Alto Networks App-ID.

（C）The firewall denied the traffic before the application match could be performed.

（D）There was not enough application data after the TCP connection was established

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Which three external authentication services can the firewall use to authenticate admins into the Palo Alto Networks NGFW without creating administrator account on the firewall? (Choose three.)

正解：A、B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

With the default TCP and UDP settings on the firewall, what will be the identified application in the following session?

（A）unknown-tcp

（B）Insufficient-data

（C）not-applicable

（D）Incomplete

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

An organization wants to begin decrypting guest and BYOD traffic.
Which NGFW feature can be used to identify guests and BYOD users, instruct them how to download and install the CA certificate, and clearly notify them that their traffic will be decrypted?

（A）Authentication Portal

（B）SSL decryption policy

（C）SSL Decryption profile

（D）comfort pages

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Which two statements correctly describe Session 380280? (Choose two.)

（A）The session did not go through SSL decryption processing.

（B）The session went through SSL decryption processing.

（C）The session has ended with the end-reason unknown.

（D）The application has been identified as web-browsing.

正解：B、D 解答を投票する

質問 10

Which rule type controls end user SSL traffic to external websites?

（A）SSL Outbound Proxyless Inspection

（B）SSL Inbound Inspection

（C）SSH Proxy

（D）SSL Forward Proxy

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

PCNSE 無料問題集「Palo Alto Networks Certified Network Security Engineer」

弊社を連絡する

関連リンク

トップ試験