Online Access Free PaloAltoNetworks.PCNSE.v2025-06-23.q142 Practice Test (Page 17)

PCNSE Exam Question 76

A network administrator is troubleshooting an issue with Phase 2 of an IPSec VPN tunnel The administrator determines that the lifetime needs to be changed to match the peer. Where should this change be made?

A.IPSec Crypto profile

B.IPSec Tunnel settings

C.IKE Crypto profile

D.IKE Gateway profile

PCNSE Exam Question 77

All firewall at a company are currently forwarding logs to Palo Alto Networks log collectors. The company also wants to deploy a sylog server and forward all firewall logs to the syslog server and to the log collectors. There is known logging peak time during the day, and the security team has asked the firewall engineer to determined how many logs per second the current Palo Alto Networking log processing at that particular time. Which method is the most time-efficient to complete this task?

A.Navigate to Panorama > Managed Collectors, and open the Statistics windows for each Log Collector during the peak time.

B.Navigate to ACC> Network Activity, and determine the total number of sessions and threats during the peak time.

C.Navigate to Monitor > Unified logs, set the filter to the peak time, and browse to the last page to find out how many logs have been received.

D.Navigate to Panorama> Managed Devices> Health, open the Logging tab for each managed firewall and check the log rates during the peak time.

PCNSE Exam Question 78

An administrator connects a new fiber cable and transceiver Ethernet1/1 on a Palo Alto Networks firewall. However, the link does not come up. How can the administrator troubleshoot to confirm the transceiver type, tx-power, rxpower, vendor name, and part number by using the CLI?

A.show s/stem state filter sw.dev interface config

B.show chassis status slot s1

C.show s/stem state filter ethernet1/1

D.show s/stem state filter-pretty sys.sl*

PCNSE Exam Question 79

Where can a service route be configured for a specific destination IP?

A.Use Netw ork > Virtual Routers, select the Virtual Router > Static Routes > IPv4

B.Use Device > Setup > Services > Services

C.Use Device > Setup > Services > Service Route Configuration > Customize > Destination

D.Use Device > Setup > Services > Service Route Configuration > Customize > IPv4

PCNSE Exam Question 80

A firewall engineer creates a source NAT rule to allow the company's internal private network 10.0.0.0/23 to access the internet. However, for security reasons, one server in that subnet (10.0.0.10/32) should not be allowed to access the internet, and therefore should not be translated with the NAT rule.
Which set of steps should the engineer take to accomplish this objective?

A.1. Create a source NAT rule (NAT-Rule-1) to translate 10.0.0/23 with source address translation set to dynamic IP and port.
2. Create another NAT rule (NAT-Rule-2) with source IP address in the original packet set to 10.0.0.10/32 and source translation set to none.
3. Place (NAT-Rule-1) above (NAT-Rule-2).

B.1- Create a NAT rule (NAT-Rule-1) and set the source address in the original packet to 10.0.0.0/23.
2. Check the box for negate option to negate this IP subnet from NAT translation.

C.1. Create a source NAT rule (NAT-Rule-1) to translate 10.0.0/23 with source address translation set to dynamic IP and port.
2. Create another NAT rule (NAT-Rule-2) with source IP address in the original packet set to 10.0.0.10/32 and source translation set to none.
3. Place (NAT-Rule-2) above (NAT-Rule-1).

D.1. Create a NAT rule (NAT-Rule-1) and set the source address in the original packet to 10.0.0.10/32.
2. Check the box for negate option to negate this IP from the NAT translation.

Other Version: 1071PaloAltoNetworks.PCNSE.v2025-12-23.q389; 1406PaloAltoNetworks.PCNSE.v2025-12-23.q149; 3004PaloAltoNetworks.PCNSE.v2025-10-01.q252; 4914PaloAltoNetworks.PCNSE.v2025-08-27.q390; 2410PaloAltoNetworks.PCNSE.v2023-10-27.q38; 5481PaloAltoNetworks.PCNSE.v2023-10-19.q136; 5443PaloAltoNetworks.PCNSE.v2023-09-26.q154; 5156PaloAltoNetworks.PCNSE.v2023-08-14.q127; 5060PaloAltoNetworks.PCNSE.v2023-07-21.q125; 5604PaloAltoNetworks.PCNSE.v2023-07-20.q149; 4729PaloAltoNetworks.PCNSE.v2023-06-05.q99; 4562PaloAltoNetworks.PCNSE.v2023-06-02.q103; 4595PaloAltoNetworks.PCNSE.v2023-05-09.q97; 5000PaloAltoNetworks.PCNSE.v2023-04-22.q108; 2426PaloAltoNetworks.PCNSE.v2023-03-27.q31; 3816PaloAltoNetworks.PCNSE.v2023-03-20.q63; 6856PaloAltoNetworks.PCNSE.v2023-01-14.q152; 13492PaloAltoNetworks.PCNSE.v2022-09-01.q323; 9181PaloAltoNetworks.PCNSE.v2022-06-28.q152; 7738PaloAltoNetworks.PCNSE.v2022-06-06.q143; 11246PaloAltoNetworks.PCNSE.v2022-04-20.q259; 7145PaloAltoNetworks.PCNSE.v2021-11-16.q121; 120Palo-Alto-Networks.Examcollectionpass.PCNSE.v2021-09-03.by.gerald.200q.pdf

Latest Upload: 144CrowdStrike.CCSE-204.v2026-06-12.q25; 165VMware.2V0-17.25.v2026-06-12.q49; 158Appian.ACA-100.v2026-06-11.q23; 212CompTIA.220-1202.v2026-06-11.q114; 171CheckPoint.156-590.v2026-06-11.q47; 229CompTIA.220-1202.v2026-06-10.q109; 214CertiProf.CEHPC.v2026-06-10.q54; 154Hitachi.HQT-4160.v2026-06-10.q25; 408PMI.PMI-ACP-CN.v2026-06-09.q453; 195Splunk.SPLK-5002.v2026-06-08.q52

PCNSE Exam Question 76

PCNSE Exam Question 77

PCNSE Exam Question 78

PCNSE Exam Question 79

PCNSE Exam Question 80

Download PDF File