Certified of pcnse6 dumps practice exam materials and resource for Paloalto Networks certification for IT learners, Real Success Guaranteed with Updated pcnse6 study guide pdf dumps vce Materials. 100% PASS Palo Alto Networks Certified Network Security Engineer 6.0 exam Today!

Q1. A security architect has been asked to implement User-ID in a MacOS environment with no enterprise email, using a Sun LDAP server for user authentication. 

In this environment, which two User-ID methods are effective for mapping users to IP addresses? Choose 2 answers 

A. Terminal Server Agent 

B. Mac OS Agent 

C. Captive Portal 

D. GlobalProtect 

Answer: C,D 

Q2. In Active/Active HA environments, redundancy for the HA3 interface can be achieved by 

A. Configuring a corresponding HA4 interface 

B. Configuring HA3 as an Aggregate Ethernet bundle 

C. Configuring multiple HA3 interfaces 

D. Configuring HA3 in a redundant group 


Q3. Which three processor types are found on the data plane of a PA-5050? Choose 3 answers 

A. Multi-Core Security Processor 

B. Signature Match Processor 

C. Network Processor 

D. Protocol Decoder Processor 

E. Management Processor 

Answer: A,B,C 


Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/white-papers/single-pass-parallel-processing-architecture.pdf page 8 

Q4. Both SSL decryption and SSH decryption are disabled by default. 

A. True 

B. False 


Q5. With IKE, each device is identified to the other by a Peer ID. In most cases, this is just the public IP address of the device. In situations where the public ID is not static, this value can be replaced with a domain name or other text value 

A. True 

B. False 


Q6. Which of the following options may be enabled to reduce system overhead when using Content ID? 






Q7. In PANOS 6.0, rule numbers are: 

A. Numbers that specify the order in which security policies are evaluated. 

B. Numbers created to be unique identifiers in each firewall’s policy database. 

C. Numbers on a scale of 0 to 99 that specify priorities when two or more rules are in conflict. 

D. Numbers created to make it easier for users to discuss a complicated or difficult sequence of rules. 


Q8. A user complains that they are no longer able to access a needed work application after you have implemented vulnerability and anti-spyware profiles. The user's application uses a unique port. What is the most efficient way to allow the user access to this application? 

A. Utilize an Application Override Rule, referencing the custom port utilzed by this application. Application Override rules bypass all Layer 7 inspection, thereby allowing access to this application. 

B. In the Threat log, locate the event which is blocking access to the user's application and create a IP-based exemption for this user. 

C. In the vulnerability and anti-spyware profiles, create an application exemption for the user's application. 

D. Create a custom Security rule for this user to access the required application. Do not apply vulnerability and anti-spyware profiles to this rule. 


Q9. Palo Alto Networks maintains a dynamic database of malicious domains. Which two Security Platform components use this database to prevent threats? Choose 2 answers 

A. Brute-force signatures 

B. DNS-based command-and-control signatures 

C. PAN-DB URL Filtering 

D. BrightCloud URL Filtering 

Answer: B,C 


Reference: https://www.paloaltonetworks.com/products/features/apt-prevention.html 

Q10. A Palo Alto Networks firewall has the following interface configuration; 

Hosts are directly connected on the following interfaces: 

Ethernet 1/6 - Host IP 

Ethernet 1/3 - Host IP 

The security administrator is investigating why ICMP traffic between the hosts is not working. 

She first ensures that ail traffic is allowed between zones based on the following security policy rule: 

The routing table of the firewall shows the following output: 

Which interface configuration change should be applied to ethernet1/6 to allow the two hosts to communicate based on this information? 

A. Change the Management Profile. 

B. Change the security policy to explicitly allow ICMP on this interface. 

C. Change the configured zone to DMZ. 

D. Change the Virtual Router setting to VR1. 


Q11. Which mechanism is used to trigger a High Availability (HA) failover if a firewall interface goes down? 

A. Link Monitoring 

B. Heartbeat Polling 

C. Preemption 

D. SNMP Polling 



Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/framemaker/60/pan-os/pan-os/section_4.pdf page 130 

Q12. To create a custom signature object for an Application Override Policy, which of the following fields are mandatory? 

A. Category 

B. Regular Expressions 

C. Ports 

D. Characteristics 


Q13. When a user logs in via Captive Portal, their user information can be checked against: 

A. Terminal Server Agent 

B. Security Logs 


D. Radius 


Q14. Which of the following would be a reason to use an XML API to communicate with a Palo Alto Networks firewall? 

A. So that information can be pulled from other network resources for User-ID 

B. To allow the firewall to push UserID information to a Network Access Control (NAC) device. 

C. To permit sys logging of User Identification events 


Q15. When allowing an Application in a Security policy on a PAN-OS 5.0 device, would a dependency Application need to also be enabled if the application does not employ HTTP, SSL, MSRPC, RPC, t.120, RTSP, RTMP, and NETBIOS-SS. 

A. Yes 

B. No