Legit PCNSE Exam Download

Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 11.0 Questions and Answers

Question 49

An engineer is configuring Packet Buffer Protection on ingress zones to protect from single-session DoS attacks.

Which sessions does Packet Buffer Protection apply to?

It applies to existing sessions and is global.

It applies to new sessions and is not global.

It applies to existing sessions and is not global.

It applies to new sessions and is global.

Question 50

In the following image from Panorama, why are some values shown in red?

sg2 session count is the lowest compared to the other managed devices.

us3 has a logging rate that deviates from the administrator-configured thresholds.

uk3 has a logging rate that deviates from the seven-day calculated baseline.

sg2 has misconfigured session thresholds.

Question 51

An engineer is monitoring an active/active high availability (HA) firewall pair.

Which HA firewall state describes the firewall that is currently processing traffic?

Initial

Passive

Active

Active-primary

Question 52

An administrator is building Security rules within a device group to block traffic to and from malicious locations.

How should those rules be configured to ensure that they are evaluated with a high priority?

Create the appropriate rules with a Block action and apply them at the top ol the Security Pre-Rules.

Create the appropriate rules with a Block action and apply them at the top of the Security Post-Rules.

Create the appropriate rules with a Block action and apply them at the top of the local firewall Security rules.

Create the appropriate rules with a Block action and apply them at the top of the Default Rules.