PCNSE Free Practice Test

The UDP-4501 protocol-port is used between which two GlobalProtect components?

1. A. GlobalProtect app and GlobalProtect gateway
2. B. GlobalProtect portal and GlobalProtect gateway
3. C. GlobalProtect app and GlobalProtect satellite
4. D. GlobalProtect app and GlobalProtect portal

Correct Answer: A
UDP 4501 Used for IPSec tunnel connections between GlobalProtect apps and gateways. https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/firewall-administration/reference-port-number-usag

Which three firewall multi-factor authentication factors are supported by PAN-OS? (Choose three)

1. A. SSH key
2. B. User logon
3. C. Short message service
4. D. One-Time Password
5. E. Push

Correct Answer: BDE
According to Palo Alto Networks documentation123, multi-factor authentication (MFA) is a method of verifying a user’s identity using two or more factors, such as something they know, something they have, or something they are.
The firewall supports MFA for administrative access, GlobalProtect VPN access, and Captive Portal access. The firewall can integrate with external MFA providers such as RSA SecurID, Duo Security, or Okta Verify.
The three firewall MFA factors that are supported by PAN-OS are:
User logon: This is something the user knows, such as a username and password.
One-Time Password: This is something the user has, such as a code generated by an app or sent by email or SMS.
Push: This is something the user is, such as a biometric verification or a device approval.

Which statement regarding HA timer settings is true?

1. A. Use the Recommended profile for typical failover timer settings
2. B. Use the Moderate profile for typical failover timer settings
3. C. Use the Aggressive profile for slower failover timer settings.
4. D. Use the Critical profile for faster failover timer settings.

Correct Answer: A

Where can an administrator see both the management-plane and data-plane CPU utilization in the WebUI?

1. A. System Resources widget
2. B. System Logs widget
3. C. Session Browser
4. D. General Information widget

Correct Answer: A
The System Resources widget of the Exadata WebUI, displays a real-time overview of the various resources like CPU, Memory, and I/O usage across the entire Exadata Database Machine. It shows the usage of both management-plane and data-plane CPU utilization.
System Resources Widget Displays the Management CPU usage, Data Plane usage, and the Session Count (the number of sessions established through the firewall or Panorama). https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/dashboard/dashboard-widgets.html

A network engineer is troubleshooting a VPN and wants to verify whether the decapsulation/encapsulation counters are increasing. Which CLI command should the engineer run?

1. A. Show vpn tunnel name | match encap
2. B. Show vpn flow name
3. C. Show running tunnel flow lookup
4. D. Show vpn ipsec-sa tunnel

Correct Answer: B