PCNSC Practice Exam Questions and Answers

A.  

The configuration is invalid it will cause the firewall to Skip thisSecurity policy rule A warning will be displayed during a command.

B.  

The configuration is valid It will cause the firewall to deny the matched sessions. Any configured Security Profiles have no effect if the Security policy rule action is set to "Deny"

The configuration will allow the matched session unless a vulnerability signature is detected. The "Deny" action will supersede the per. defined, severity defined actions defined in the associated Vulnerability Protection Profile.

C.  

The configuration is invalid. The Profile Settings section will be- grayed out when the action is set to "Deny"

A.  

Configure path monitoring for tine next hop gateway on the default route in tin- virtual router.

B.  

Enable and configure a Link Monitoring Profile for the external interface of the firewall.

C.  

Create and add a Monitor Profile withan action of Wait Recover in the PBF rule in question.

D.  

Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.

A.  

Perform atraffic pcap at the routing stage.

B.  

View System logs.

C.  

Add a redistribution profile to forward as BGP updates.

D.  

View Runtime Status virtual router.

A.  

Authentication policy

B.  

Decryption policy

C.  

Security policy

D.  

Application Override policy

A.  

RADIUS

B.  

SSH keys

C.  

Certification

D.  

LDAP

A.  

NTP

B.  

antivirus

C.  

NAT

D.  

WildFire updates

E.  

file blocking

A.  

The firewall do not use floating IPs in active/active H

A.  

B.  

The two firewalls will share a single floating IP and will use gratuitous ARP to share the floating IP.

C.  

The firewalls will share the sameinterface IP address, and device 1 will use the floating IP if device 0 fails.

D.  

Each firewall will have a separate floating IP. and priority will determine which firewall has the primary IP.

A.  

set deviceconfig system speed-duplex 10Gbps-full-duplex

B.  

set deviceconfig interface speed-duplex 1Gbs--full-duplex

C.  

set deviceconfig interface speed-duplex 1Gbs--half-duplex

D.  

set deviceconfig system speed-duplex 1Gbs--half-duplex.

A.  

Restful API or the VMware API on the firewall or on theUser.-D agent or the ready -only domain controller

B.  

XML API or the VMware API on the firewall on the User-ID agent or the CLI

C.  

Restful API or the VMware API on the firewall or on the User-ID Agent

D.  

XML- API or lite VM Monitoring agent on the NGFW oron the User- ID agent

A.  

The three-way TCP handshake did notcomplete.

B.  

Data was received but wan instantly discarded because of a Deny policy was applied before App ID could be applied.

C.  

The three-way TCP handshake was observed, but the application could not be identified.

D.  

The traffic is coming across UDP, and the application could not be identified.

A.  

Decryption tag

B.  

In the details of the Threat log entries

C.  

In the details of the Traffic log entries

D.  

Data filtering log