[Aug 2021] pcnse6 pdf

Want to know Testking pcnse6 study guide Exam practice test features? Want to lear more about Paloalto Networks Palo Alto Networks Certified Network Security Engineer 6.0 certification experience? Study Actual Paloalto Networks pcnse6 dumps answers to Refresh pcnse6 dumps questions at Testking. Gat a success with an absolute guarantee to pass Paloalto Networks pcnse6 exam dumps (Palo Alto Networks Certified Network Security Engineer 6.0) test on your first attempt.

Q1. When an interface is in Tap mode and a policy action is set to block, the interface will send a TCP reset. 

A. True 

B. False 


Q2. When setting up GlobalProtect, what is the job of the GlobalProtect Portal? Select the best answer 

A. To maintain the list of remote GlobalProtect Portals and list of categories for checking the client machine 

B. To maintain the list of GlobalProtect Gateways and list of categories for checking the client machine 

C. To load balance GlobalProtect client connections to GlobalProtect Gateways 

D. None of the above 


Q3. Wildfire may be used for identifying which of the following types of traffic? 

A. URL content 



D. Viruses 


Q4. A user is reporting that they cannot download a PDF file from the internet. 

Which action will show whether the downloaded file has been blocked by a Security Profile? 

A. Filter the Session Browser for all sessions from the user with the application "adobe". 

B. Filter the System log for "Download Failed" messages. 

C. Filter the Traffic logs for all traffic from the user that resulted in a Deny action. 

D. Filter the Data Filtering logs for the user’s traffic and the name of the PDF file. 


Q5. What is the maximum usable storage capacity of an M-100 appliance? 

A. 2TB 

B. 4TB 

C. 6TB 




Reference: https://www.paloaltonetworks.com/documentation/61/panorama/panorama_adminguide/set -up-panorama/set-up-the-m-100-appliance.html 

Q6. A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens of thousands of bogus UDP connections per second to a single destination IP address and port. 

Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network? 

A. Zone Protection Policy with UDP Flood Protection 

B. Classified DoS Protection Policy using destination IP only with a Protect action 

C. QoS Policy to throttle traffic below maximum limit 

D. Security Policy rule to deny traffic to the IP address and port that is under attack 



Reference: https://live.paloaltonetworks.com/docs/DOC-1746 

Q7. How can a Palo Alto Networks firewall be configured to send syslog messages in a format compatible with nonstandard syslog servers? 

A. Enable support for non-standard syslog messages under device management. 

B. Select a non-standard syslog server profile. 

C. Create a custom log format under the syslog server profile. 

D. Check the custom-format checkbox in the syslog server profile. 



Reference: https://live.paloaltonetworks.com/docs/DOC-2021 Page 16 of PDF available there. 

Q8. A Palo Alto Networks firewall has the following interface configuration; 

Hosts are directly connected on the following interfaces: 

Ethernet 1/6 - Host IP 

Ethernet 1/3 - Host IP 

The security administrator is investigating why ICMP traffic between the hosts is not working. 

She first ensures that ail traffic is allowed between zones based on the following security policy rule: 

The routing table of the firewall shows the following output: 

Which interface configuration change should be applied to ethernet1/6 to allow the two hosts to communicate based on this information? 

A. Change the Management Profile. 

B. Change the security policy to explicitly allow ICMP on this interface. 

C. Change the configured zone to DMZ. 

D. Change the Virtual Router setting to VR1. 


Q9. To create a custom signature object for an Application Override Policy, which of the following fields are mandatory? 

A. Category 

B. Regular Expressions 

C. Ports 

D. Characteristics 


Q10. Ethernet 1/1 has been configured with the following subinterfaces: 

The following security policy is applied: 

The Interface Management Profile permits the following: 

Your customer is trying to ping from VLAN 800 IP 

What will be the result of this ping? 

A. The ping will be successful because the management profile applied to Ethernet1/1 allows ping. 

B. The ping will not be successful because the virtual router is different from the other subinterfaces. 

C. The ping will not be successful because there is no management profile attached to Ethernet1/1.799. 

D. The ping will not be successful because the security policy does not apply to VLAN 800. 

E. The ping will be successful because the security policy permits this traffic.