Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

PCNSE Exam Dumps - Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 11.0

Go to page:
Question # 4

A firewall engineer creates a NAT rule to translate IP address 1.1.1.10 to 192.168.1.10. The engineer also plans to enable DNS rewrite so that the firewall rewrites the IPv4 address in a DNS response based on the original destination IP address and translated destination IP address configured for the rule. The engineer wants the firewall to rewrite a DNS response of 1.1.1.10 to 192.168.1.10.

What should the engineer do to complete the configuration?

A.

Create a U-Turn NAT to translate the destination IP address 192.168.1.10 to 1.1.1.10 with the destination port equal to UDP/53.

B.

Enable DNS rewrite under the destination address translation in the Translated Packet section of the NAT rule with the direction Forward.

C.

Enable DNS rewrite under the destination address translation in the Translated Packet section of the NAT rule with the direction Reverse.

D.

Create a U-Turn NAT to translate the destination IP address 1.1.1.10 to 192.168.1.10 with the destination port equal to UDP/53.

Full Access
Question # 5

Which translated port number should be used when configuring a NAT rule for a transparent proxy?

A.

80

B.

443

C.

8080

D.

4443

Full Access
Question # 6

An engineer needs to collect User-ID mappings from the company's existing proxies.

What two methods can be used to pull this data from third party proxies? (Choose two.)

A.

Client probing

B.

Syslog

C.

XFF Headers

D.

Server Monitoring

Full Access
Question # 7

A firewall administrator has been tasked with ensuring that all Panorama configuration is committed and pushed to the devices at the end of the day at a certain time. How can they achieve this?

A.

Use the Scheduled Config Push to schedule Commit to Panorama and also Push to Devices.

B.

Use the Scheduled Config Push to schedule Push to Devices and separately schedule an API call to commit all Panorama changes.

C.

Use the Scheduled Config Export to schedule Push to Devices and separately schedule an API call to commit all Panorama changes

D.

Use the Scheduled Config Export to schedule Commit to Panorama and also Push to Devices

Full Access
Question # 8

Which three methods are supported for split tunneling in the GlobalProtect Gateway? (Choose three.)

A.

Destination user/group

B.

URL Category

C.

Destination Domain

D.

video streaming application

E.

Source Domain

F.

Client Application Process

Full Access
Go to page: