Top Paloalto Networks PCNSE7 bible Choices

Exam Code: PCNSE7 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Palo Alto Networks Certified Network Security Engineer
Certification Provider: Paloalto Networks
Free Today! Guaranteed Training- Pass PCNSE7 Exam.

2021 Mar PCNSE7 testing engine

Q11. Support for which authentication method was added in PAN-OS 7.0?

A. RADIUS

B. LDAP

C. Diameter

D. TACACS+

Answer: D

Q12. Which two mechanisms help prevent a spilt brain scenario an Active/Passive High Availability (HA) pair? (Choose two)

A. Configure the management interface as HA3 Backup

B. Configure Ethernet 1/1 as HA1 Backup CConfigure Ethernet 1/1 as HA2 Backup

C. Configure the management interface as HA2 Backup

D. Configure the management interface as HA1 Backup

E. Configure ethernet1/1 as HA3 Backup 

Answer: B,E

Q13. Which Palo Alto Networks VM-Series firewall is supported for VMware NSX?

A. VM-100

B. VM-200

C. VM-1000-HV

D. VM-300

Answer: C

Q14. What are three valid actions in a File Blocking Profile? (Choose three)

A. Forward

B. Block

C. Alret

D. Upload

E. Reset-both

F. Continue 

Answer: B,C,F

Explanation:

      https://live.paloaltonetworks.com/t5/Configuration-Articles/File-Blocking- Rulebase-and-Action-Precedence/ta-p/53623

Q15. How are IPV6 DNS queries configured to user interface ethernet1/3?

A. Network > Virtual Router > DNS Interface

B. Objects > CustomerObjects > DNS

C. Network > Interface Mgrnt

D. Device > Setup > Services > Service Route Configuration 

Answer: D

Replace PCNSE7 brain dumps:

Q16. Which two methods can be used to mitigate resource exhaustion of an application server? (Choose two)

A. Vulnerability Object

B. DoS Protection Profile

C. Data Filtering Profile

D. Zone Protection Profile 

Answer: B,D

Q17. A network security engineer is asked to perform a Return Merchandise Authorization (RMA) on a firewall Which part of files needs to be imported back into the replacement firewall that is using Panorama?

A. Device state and license files

B. Configuration and serial number files

C. Configuration and statistics files

D. Configuration and Large Scale VPN (LSVPN) setups file

Answer: B

Q18. Which Security Policy Rule configuration option disables antivirus and anti-spyware scanning of server-to- client flows only?

A. Disable Server Response Inspection

B. Apply an Application Override

C. Disable HIP Profile

D. Add server IP Security Policy exception 

Answer: A

Q19. ION NO: 40

Palo Alto Networks maintains a dynamic database of malicious domains.

Which two Security Platform components use this database to prevent threats? (Choose two)

A. Brute-force signatures

B. BrightCloud Url Filtering

C. PAN-DB URL Filtering

D. DNS-based command-and-control signatures 

Answer: C,D

Q20. How does Panorama handle incoming logs when it reaches the maximum storage capacity?

A. Panorama discards incoming logs when storage capacity full.

B. Panorama stops accepting logs until licenses for additional storage space are applied

C. Panorama stops accepting logs until a reboot to clean storage space.

D. Panorama automatically deletes older logs to create space for new ones. 

Answer: D

Explanation:

(https://www.paloaltonetworks.com/documentation/60/panorama/panorama_adminguide/se t-up-panorama/determine-panorama-log-storage-requirements)