Free PCNSE Exam Braindumps

A network security administrator has an environment with multiple forms of authentication. There is a network access control system in place that authenticates and restricts access for wireless users, multiple Windows domain controllers, and an MDM solution for company-provided smartphones. All of these devices have their authentication events logged.
Given the information, what is the best choice for deploying User-ID to ensure maximum coverage?

1. A. Syslog listener
2. B. agentless User-ID with redistribution
3. C. standalone User-ID agent
4. D. captive portal

Correct Answer: C

Which statement best describes the Automated Commit Recovery feature?

1. A. It performs a connectivity check between the firewall and Panorama after every configuration commit on the firewal
2. B. It reverts the configuration changes on the firewall if the check fails.
3. C. It restores the running configuration on a firewall and Panorama if the last configuration commit fails.
4. D. It performs a connectivity check between the firewall and Panorama after every configuration commit on the firewal
5. E. It reverts the configuration changes on the firewall and on Panorama if the check fails.
6. F. It restores the running configuration on a firewall if the last configuration commit fails.

Correct Answer: A

A super user is tasked with creating administrator accounts for three contractors. For compliance purposes, all three contractors will be working with different device-groups m their hierarchy to deploy policies and objects.
Which type of role-based access is most appropriate for this project?

1. A. Create a Dynamic Admin with the Panorama Administrator role.
2. B. Create a Device Group and Template Admin.
3. C. Create a Custom Panorama Admin.
4. D. Create a Dynamic Read only superuser

Correct Answer: C
A Custom Panorama Admin is a type of role-based access that allows a super user to create separate Panorama administrator accounts for each of the three contractors. This will allow each contractor to work with different device-groups in their hierarchy and deploy policies and objects in accordance with the organization's compliance requirements. The Custom Panorama Admin role also allows the super user to assign separate permissions to each contractor's account, granting them access to only the resources they are authorized to use. This type of role-based access is the most appropriate for this project as it will ensure that each contractor is only able to access the resources they need in order to do their job.

Given the screenshot, how did the firewall handle the traffic?

1. A. Traffic was allowed by profile but denied by policy as a threat
2. B. Traffic was allowed by policy but denied by profile as..
3. C. Traffic was allowed by policy but denied by profile as ..
4. D. Traffic was allowed by policy but denied by profile as a..

Correct Answer: D

An engineer is in the planning stages of deploying User-ID in a diverse directory services environment. Which server OS platforms can be used for server monitoring with User-ID?

1. A. Microsoft Terminal Server, Red Hat Linux, and Microsoft Active Directory
2. B. Microsoft Active Directory, Red Hat Linux, and Microsoft Exchange
3. C. Microsoft Exchange, Microsoft Active Directory, and Novell eDirectory
4. D. Novell eDirectory, Microsoft Terminal Server, and Microsoft Active Directory

Correct Answer: B
https://docs.paloaltonetworks.com/compatibility-matrix/user-id-agent/which-servers-can-the-user-id-agent-moni