PCNSE試験無料問題集（179題）「Palo Alto Networks Certified Network Security Engineer 認定」

出題：1

A firewall administrator needs to check which egress interface the firewall will use to route the IP 10.2.5.3.
Which command should they use?

A. test routing route ip 10.2.5.3 virtual-router default

B. test routing fib-lookup ip 10.2.5.0/24 virtual-router default

C. test routing fib-lookup ip 10.2.5.3 virtual-router default

D. test routing route ip 10.2.5.3 *

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

An engineer has been given approval to upgrade their environment to the latest version of PAN-OS.
The environment consists of both physical and virtual firewalls, a virtual Panorama, and virtual log collectors.
What is the recommended order of operational steps when upgrading?

A. Upgrade the firewalls, upgrade Panorama, upgrade the log collectors

B. Upgrade Panorama, upgrade the log collectors, upgrade the firewalls

C. Upgrade the firewalls, upgrade log collectors, upgrade Panorama

D. Upgrade the log collectors, upgrade the firewalls, upgrade Panorama

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

An administrator needs to evaluate a recent policy change that was committed and pushed to a firewall device group. How should the administrator identify the configuration changes?

A. Context-switch to the affected firewall and use the configuration audit tool

B. Click Preview Changes under Push Scope

C. Review the configuration logs on the Monitor tab

D. Use Test Policy Match to review the policies in Panorama

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

An administrator is attempting to create policies tor deployment of a device group and template stack. When creating the policies, the zone drop down list does not include the required zone.
What must the administrator do to correct this issue?

A. Specify the target device as the master device in the device group

B. Enable "Share Unused Address and Service Objects with Devices" in Panorama settings

C. Add the template as a reference template in the device group

D. Add a firewall to both the device group and the template

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Where is Palo Alto Networks Device Telemetry data stored on a firewall with a device certificate installed?

A. On Palo Alto Networks Update Servers

B. M600 Log Collectors

C. Cortex Data Lake

D. Panorama