ExamGecko
Home / Palo Alto Networks / PCSFE / List of questions
Ask Question

Palo Alto Networks PCSFE Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report Export Collapse

Which protocol is used for communicating between VM-Series firewalls and a gateway load balancer in Amazon Web Services (AWS)?

VRLAN
VRLAN
Geneve
Geneve
GRE
GRE
VMLAN
VMLAN
Suggested answer: B
Explanation:

Geneve is the protocol used for communicating between VM-Series firewalls and a gateway load balancer in Amazon Web Services (AWS). A gateway load balancer is a type of network load balancer that distributes traffic across multiple virtual appliances, such as VM-Series firewalls, in AWS. Geneve is a tunneling protocol that encapsulates the original packet with an additional header that contains metadata about the source and destination endpoints, as well as other information. Geneve allows the gateway load balancer to preserve the original packet attributes and forward it to the appropriate VM-Series firewall for inspection and processing. VRLAN, GRE, and VMLAN are not protocols used for communicating between VM-Series firewalls and a gateway load balancer in AWS, but they are related concepts that can be used for other purposes. Reference: Palo Alto Networks Certified Software Firewall Engineer (PCSFE), [Deploy the VM-Series Firewall with AWS Gateway Load Balancer], [Geneve Protocol Specification]

asked 23/09/2024
yassine harbeg
42 questions

Question 12

Report Export Collapse

Which two elements of the Palo Alto Networks platform architecture enable security orchestration in a software-defined network (SDN)? (Choose two.)

Full set of APIs enabling programmatic control of policy and configuration
Full set of APIs enabling programmatic control of policy and configuration
VXLAN support for network-layer abstraction
VXLAN support for network-layer abstraction
Dynamic Address Groups to adapt Security policies dynamically
Dynamic Address Groups to adapt Security policies dynamically
NVGRE support for advanced VLAN integration
NVGRE support for advanced VLAN integration
Suggested answer: A, C
Explanation:

The two elements of the Palo Alto Networks platform architecture that enable security orchestration in a software-defined network (SDN) are:

Full set of APIs enabling programmatic control of policy and configuration

Dynamic Address Groups to adapt Security policies dynamically

The Palo Alto Networks platform architecture consists of four key elements: natively integrated security technologies, full set of APIs, cloud-delivered services, and centralized management. The full set of APIs enables programmatic control of policy and configuration across the platform, allowing for automation and integration with SDN controllers and orchestration tools. Dynamic Address Groups are objects that represent groups of IP addresses based on criteria such as tags, regions, interfaces, or user-defined attributes. Dynamic Address Groups allow Security policies to adapt dynamically to changes in the network topology or workload characteristics without requiring manual updates. VXLAN support for network-layer abstraction and NVGRE support for advanced VLAN integration are not elements of the Palo Alto Networks platform architecture, but they are features that support SDN deployments. Reference: Palo Alto Networks Certified Software Firewall Engineer (PCSFE), [Palo Alto Networks Platform Architecture], [API Overview], [Dynamic Address Groups Overview]

asked 23/09/2024
Meghan Crofford
42 questions

Question 13

Report Export Collapse

Which component scans for threats in allowed traffic?

Become a Premium Member for full access
  Unlock Premium Member

Question 14

Report Export Collapse

Which two deployment modes of VM-Series firewalls are supported across NSX-T? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 15

Report Export Collapse

A customer in a VMware ESXi environment wants to add a VM-Series firewall and partition an existing group of virtual machines (VMs) in the same subnet into two groups. One group requires no additional security, but the second group requires substantially more security.

How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?

Become a Premium Member for full access
  Unlock Premium Member

Question 16

Report Export Collapse

How must a Palo Alto Networks Next-Generation Firewall (NGFW) be configured in order to secure traffic in a Cisco ACI environment?

Become a Premium Member for full access
  Unlock Premium Member

Question 17

Report Export Collapse

Which component allows the flexibility to add network resources but does not require making changes to existing policies and rules?

Become a Premium Member for full access
  Unlock Premium Member

Question 18

Report Export Collapse

Which PAN-OS feature allows for automated updates to address objects when VM-Series firewalls are setup as part of an NSX deployment?

Become a Premium Member for full access
  Unlock Premium Member

Question 19

Report Export Collapse

Which two factors lead to improved return on investment for prospects interested in Palo Alto Networks virtualized next-generation firewalls (NGFWs)? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 20

Report Export Collapse

Auto scaling templates for which type of firewall enable deployment of a single auto scaling group (ASG) of VM-Series firewalls to secure inbound traffic from the internet to Amazon Web Services (AWS) application workloads?

Become a Premium Member for full access
  Unlock Premium Member
Total 65 questions
Go to page: of 7
Search