Palo Alto Security Engineer (PCNSE) Exam Questions 2024

Exam Domain 1 – Plan

• Identify how the Palo Alto Networks products work together to detect and prevent threats
• Given a scenario, identify how to design and implementation of the firewall to meet business requirements that leverage the Palo Alto Networks Security Operating Platform
• Given a scenario, identify how to design and implementation of firewalls in High Availability to meet business requirements that leverage the Palo Alto Networks Security Operating Platform
• Identify the appropriate interface type and configuration for a specified network deployment
• Identify strategies for retaining logs using Distributed Log Collection
• Given a scenario, identify the strategy that should be implemented for Distributed Log Collection
• Identify how to use template stacks for administering Palo Alto Networks firewalls as a scalable solution using Panorama
• Identify how to use device group hierarchy for administering Palo Alto Networks firewalls as a scalable solution using Panorama
• Identify planning considerations unique to deploying Palo Alto Networks firewalls in a public cloud
• Identify planning considerations unique to deploying Palo Alto Networks firewalls in a hybrid cloud
• Identify planning considerations unique to deploying Palo Alto Networks firewalls in a private cloud
• Identify methods for authorization, authentication, and device administration
• Identify the methods of certificate creation on the firewall
• Identify options available in the firewall to support dynamic routing
• Given a scenario, identify ways to mitigate resource exhaustion (because of denial of service) in application servers
• Identify decryption deployment strategies
• Identify the impact of application override on the overall functionality of the firewall
• Identify the methods of UserID redistribution
• Identify VMSeries bootstrap components and their function

Exam Domain 2 – Deploy and Configure

• Identify the application meanings in the Traffic log (incomplete, insufficient data, nonsyn TCP, not applicable, unknown TCP, unknown UDP, and unknown P2P)
•  Given a scenario, identify the set of Security Profiles that should be used
•  Identify the relationship between URL filtering and credential theft prevention
•  Implement and maintain the AppID lifecycle
•  Identify how to create security rules to implement AppID without relying on portbased rules
•  Identify configurations for distributed Log Collectors
•  Identify the required settings and steps necessary to provision and deploy a nextgeneration firewall
•  Identify which device of an HA pair is the active partner
•  Identify various methods for authentication, authorization, and device administration within PANOS software for connecting to the firewall
•  Identify how to configure and maintain certificates to support firewall features
•  Identify the features that support IPv6
•  Identify how to configure a virtual router
•  Given a scenario, identify how to configure an interface as a DHCP relay agent
•  Identify the configuration settings for sitetosite VPN
•  Identify the configuration settings for GlobalProtect
•  Identify how to configure features of NAT policy rules
•  Given a configuration example including DNAT, identify how to configure security rules
•  Identify how to configure decryption
•  Given a scenario, identify an application override configuration and use case
•  Identify how to configure VMSeries firewalls for deployment
•  Identify how to configure firewalls to use tags and filtered log forwarding for integration with network automation

Exam Domain 3 – Operate

• Identify considerations for configuring external log forwarding
• Interpret log files, reports, and graphs to determine traffic and threat trends
• Identify scenarios in which there is a benefit from using custom signatures
• Given a scenario, identify the process to update a Palo Alto Networks system to the latest version of the software
• Identify how configuration management operations are used to ensure desired operational state of stability and continuity
• Identify the settings related to critical HA functions (link monitoring; path monitoring; HA1, HA2, and HA3 functionality; HA backup links; and differences between A/A and A/P)
• Identify the sources of information that pertain to HA functionality
• Identify how to configure the firewall to integrate with AutoFocus and verify its functionality
• Identify the impact of deploying dynamic updates
• Identify the relationship between Panorama and devices as pertaining to dynamic updates versions and policy implementation and/or HA peers

Exam Domain 4 – Configuration and Troubleshooting

• Identify system and traffic issues using the web interface and CLI tools
• Given a session output, identify the configuration requirements used to perform a packet capture
• Given a scenario, identify how to troubleshoot and configure interface components
• Identify how to troubleshoot SSL decryption failures
• Identify issues with the certificate chain of trust
• Given a scenario, identify how to troubleshoot traffic routing issues
• Given a scenario, identify how to troubleshoot a bootstrap install process

Exam Domain 5 – Core Concepts

• Identify the correct order of the policy evaluation based on the packet flow architecture
• Given an attack scenario, identify the appropriate Palo Alto Networks threat prevention component to prevent or mitigate the attack
• Identify methods for identifying users
• Identify the fundamental functions residing on the management plane and data plane of a Palo Alto Networks firewall
• Given a scenario, determine how to control bandwidth use on a per-application basis
• Identify the fundamental functions and concepts of WildFire
• Identify the purpose of and use case for MFA and the Authentication policy
• Identify the dependencies for implementing MFA
• Given a scenario, identify how to forward traffic
• Given a scenario, identify how to configure policies and related objects
• Identify the methods for automating the configuration of a firewall