Exam PCNSE All QuestionsBrowse all questions from this exam
Go to Exam
Question 6

An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall.

Which priority is correct for the passive firewall?

    Correct Answer: D

    In an active/passive high availability (HA) configuration for Palo Alto Networks Next-Generation Firewalls (NGFWs), the active firewall is given a lower numerical priority value to ensure it takes precedence. Given that the active firewall has a priority value of 100, the passive firewall must be assigned a higher numerical priority value to ensure it does not take over unless necessary. Therefore, the correct priority for the passive firewall should be a value greater than 100, making 255 the appropriate choice.

Discussion
YasiOption: D

The lower the number, the higher the priority. So if active is higher priority, therefore assigned 100 , then the only one that will be second priority will be with number larger than 100 so Only 255 is applicable. Therefore D is the correct answer.

theroghertOption: D

only D

lol1000Option: D

Answer: D Passive needs lower priority so higher number. https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/pan-os/10-0/pan-os-admin/pan-os-admin.pdf page 315

lol12Option: D

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/device-priority-and-preemption

dgetanehOption: D

D is correct

cloudguy365Option: B

firewall with the lower numerical value, and therefore higher priority, is designated as active.

niklausOption: D

Correct Answer: D Link: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/device-priority-and-preemption PAN-OS: 10.2 Time of answer: May 30, 2022

KhalidBOption: D

D IS CORRECT

nk12Option: D

Correct Answer: D

StevenWilliams0728Option: B

The firewalls in an Active-Passive HA pair can be assigned a device priority value to indicate a preference for which firewall should assume the active role. If you need to use a specific firewall in the HA pair for actively securing traffic, you must enable the preemptive behavior on both the firewalls and assign a device priority value for each firewall. The firewall with the lower numerical value, and therefore higher priority, is designated as active. The other firewall is the passive firewall.

327c7c8Option: D

D: lower numeric value is higher priority

MarshpillowzOption: D

The only answer it can be is D. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/high-availability/ha-concepts/device-priority-and-preemption

easylifeOption: D

D is correct: I gave the Palo-Alto-Networks PCNSA test and scored 910/1000. This was all possible because of marks4sure as it helped me to pass in the first attempt.

TAKUM1yOption: D

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/device-priority-and-preemption

Nib2002Option: B

The firewall you plan to make active must have a lower numerical value than its peer. So, if Peer A is to function as the active firewall, keep the default value of 100 and increment the value on PeerB.