We provide precise Palo Alto Networks PCNSE6 exam questions, which are the best for clearing the PCNSE6 exam and getting certified as a Palo Alto Networks Certified Network Security Engineer 6.0. The PCNSE6 Questions & Answers cover all the knowledge points of the real PCNSE6 exam. Crack your Palo Alto Networks PCNSE6 exam with the latest dumps, guaranteed!

Q1. Which link is used by an Active-Passive cluster to synchronize session information? 

A. The Data Link 

B. The Control Link 

C. The Uplink 

D. The Management Link 

Answer:


Q2. A network engineer experienced network reachability problems through the firewall. The routing table on the device is complex. To troubleshoot the problem, the engineer ran a Command Line Interface (CLI) command to determine the egress interface for traffic destined to 98.139.183.24. The command resulted in the following output:

How should this output be interpreted? 

A. There is no route for the IP address 98.139.183.24, and there is a default route for outbound traffic. 

B. There is no interface in the firewall with the IP address 98.139.183.24. 

C. In virtual-router vrl, there is a route in the routing table for the network 98.139.0.0/16. 

D. There is no route for the IP address 98.139.183.24, and there is no default route. 

Answer:


Q3. Will an exported configuration contain Management Interface settings? 

A. Yes 

B. No 

Answer:


Q4. A network administrator uses Panorama to push security policies to managed firewalls at branch offices. 

Which policy type should be configured on Panorama if the administrator wishes to allow local administrators at the branch office sites to override these policies? 

A. Implicit Rules 

B. Post Rules 

C. Default Rules 

D. Pre Rules 

Answer:


Q5. Which mechanism is used to trigger a High Availability (HA) failover if a firewall interface goes down? 

A. Link Monitoring 

B. Heartbeat Polling 

C. Preemption 

D. SNMP Polling 

Answer:

Explanation: 

Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/framemaker/60/pan-os/pan-os/section_4.pdf page 130 


Q6. Which best describes how Palo Alto Networks firewall rules are applied to a session? 

A. last match applied 

B. first match applied 

C. all matches applied 

D. most specific match applied 

Answer:


Q7. HOTSPOT 

Assuming that the default antivirus profile is installed, match each decoder with its default action. 

Answer options may be used more than once or not at all. 

Answer: 


Q8. When employing the BrightCloud URL filtering database in a Palo Alto Networks firewall, the order of evaluation within a profile is: 

A. Block list, Custom Categories, Predefined categories, Dynamic URL filtering, Allow list, Cache files. 

B. Block list, Allow list, Custom Categories, Cache files, Local URL DB file. 

C. Block list, Custom Categories, Cache files, Predefined categories, Dynamic URL filtering, Allow list. 

D. Dynamic URL filtering, Block list, Allow list, Cache files, Custom categories, Predefined categories. 

Answer:


Q9. When creating a Security Policy to allow Facebook in PAN-OS 5.0, how can you be sure that no other web-browsing traffic is permitted? 

A. Ensure that the Service column is defined as "application-default" for this security rule. This will automatically include the implicit web-browsing application dependency. 

B. Create a subsequent rule which blocks all other traffic 

C. When creating the rule, ensure that web-browsing is added to the same rule. Both applications will be processed by the Security policy, allowing only Facebook to be accessed. Any other applications can be permitted in subsequent rules. 

D. No other configuration is required on the part of the administrator, since implicit application dependencies will be added automatically.

Answer:


Q10. Company employees have been given access to the GlobalProtect Portal at https://portal.company.com: 

Assume the following: 

1. The firewall is configured to resolve DNS names using the internal DNS server. 

2. The URL portal.company.com resolves to the external interface of the firewall on the company’s external DNS server and to the internal interface of the firewall on the company’s internal DNS server.

3. The URL gatewayl.company.com resolves to the external interface of the firewall on the company’s external DNS server and to the internal interface of the firewall on the company’s internal DNS server.

This Gateway configuration will have which two outcomes? Choose 2 answers 

A. Clients outside the network will be able to connect to the external gateway Gateway1. 

B. Clients inside the network will be able to connect to the internal gateway Gateway1. 

C. Clients outside the network will NOT be able to connect to the external gateway Gateway1. 

D. Clients inside the network will NOT be able to connect to the internal gateway Gateway1. 

Answer: A,B 


Q11. When an interface is in Tap mode and a policy action is set to block, the interface will send a TCP reset. 

A. True 

B. False 

Answer:


Q12. When Destination Network Address Translation is being performed, the destination in the corresponding Security Policy Rule should use: 

A. The PostNAT destination zone and PostNAT IP address. 

B. The PreNAT destination zone and PreNAT IP address. 

C. The PreNAT destination zone and PostNAT IP address. 

D. The PostNAT destination zone and PreNAT IP address. 

Answer:


Q13. Select the implicit rules enforced on traffic failing to match any user defined Security Policies: 

A. Intra-zone traffic is denied 

B. Inter-zone traffic is denied 

C. Intra-zone traffic is allowed 

D. Inter-zone traffic is allowed 

Answer: B,C 


Q14. A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens of thousands of bogus UDP connections per second to a single destination IP address and port. 

Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network? 

A. Zone Protection Policy with UDP Flood Protection 

B. Classified DoS Protection Policy using destination IP only with a Protect action 

C. QoS Policy to throttle traffic below maximum limit 

D. Security Policy rule to deny traffic to the IP address and port that is under attack 

Answer:

Explanation: 

Reference: https://live.paloaltonetworks.com/docs/DOC-1746 


Q15. Which of the following types of protection are available in DoS policy? 

A. Session Limit, SYN Flood, UDP Flood 

B. Session Limit, Port Scanning, Host Swapping, UDP Flood 

C. Session Limit, SYN Flood, Host Swapping, UDP Flood 

D. Session Limit, SYN Flood, Port Scanning, Host Swapping 

Answer: