ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PSE-Strata

Palo Alto Networks PSE-Strata Practice Test - Questions Answers, Page 10

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through. Which command returns a valid result to verify the ML is working from the command line.
Which security profile on the NGFW includes signatures to protect you from brute force attacks?
Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface? A) B) C) D)
A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer uses a firewall with User-ID enabled Which feature must also be enabled to prevent these attacks?
An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer. The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)
Which two features are found in a Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)
Which component is needed for a large-scale deployment of NGFWs with multiple Panorama Management Servers?
Which three script types can be analyzed in WildFire? (Choose three)
When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can belogged?
Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

Question 91

Report
Export
Collapse

XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy.

Which two features must be enabled to meet the customer’s requirements? (Choose two.)

A.
Virtual systems
A.
Virtual systems
Answers
B.
HA active/active
B.
HA active/active
Answers
C.
HA active/passive
C.
HA active/passive
Answers
D.
Policy-based forwarding
D.
Policy-based forwarding
Answers
Suggested answer: B, D

Question 92

Report
Export
Collapse

Access to a business site is blocked by URL Filtering inline machine learning (ML) and considered as a false-positive.

How should the site be made available?

A.
Disable URL Filtering inline ML
A.
Disable URL Filtering inline ML
Answers
B.
Create a custom URL category and add it to the Security policy
B.
Create a custom URL category and add it to the Security policy
Answers
C.
Create a custom URL category and add it on exception of the inline ML profile
C.
Create a custom URL category and add it on exception of the inline ML profile
Answers
D.
Change the action of real-time detection category on URL filtering profile
D.
Change the action of real-time detection category on URL filtering profile
Answers
Suggested answer: C

Question 93

Report
Export
Collapse

Which two features can be enabled to support asymmetric routing with redundancy on a Palo Alto networks next-generation firewall (NGFW)? (Choose two.)

A.
Active / active high availability (HA)
A.
Active / active high availability (HA)
Answers
B.
Multiple virtual systems
B.
Multiple virtual systems
Answers
C.
non-SYN first packet
C.
non-SYN first packet
Answers
D.
Asymmetric routing profile
D.
Asymmetric routing profile
Answers
Suggested answer: A, C

Question 94

Report
Export
Collapse

Which three mechanisms are valid for enabling user mapping? (Choose three.)

A.
Captive Portal
A.
Captive Portal
Answers
B.
Domain server monitoring
B.
Domain server monitoring
Answers
C.
Reverse DNS lookup
C.
Reverse DNS lookup
Answers
D.
User behaviour recognition
D.
User behaviour recognition
Answers
E.
Client probing
E.
Client probing
Answers
Suggested answer: A, B, E

Question 95

Report
Export
Collapse

Which three of the following actions must be taken to enable Credential Phishing Prevention?

(Choose three.)

A.
Enable User Credential Detection
A.
Enable User Credential Detection
Answers
B.
Enable User-ID
B.
Enable User-ID
Answers
C.
Define a Secure Sockets Layer (SSL) decryption rule base
C.
Define a Secure Sockets Layer (SSL) decryption rule base
Answers
D.
Enable App-ID
D.
Enable App-ID
Answers
E.
Define a uniform resource locator (URL) Filtering profile
E.
Define a uniform resource locator (URL) Filtering profile
Answers
Suggested answer: A, B, E

Question 96

Report
Export
Collapse

Which two configuration elements can be used to prevent abuse of stolen credentials? (Choose two.)

A.
WildFire analysis
A.
WildFire analysis
Answers
B.
Dynamic user groups (DUGs)
B.
Dynamic user groups (DUGs)
Answers
C.
Multi-factor authentication (MFA)
C.
Multi-factor authentication (MFA)
Answers
D.
URL Filtering Profiles
D.
URL Filtering Profiles
Answers
Suggested answer: C, D

Question 97

Report
Export
Collapse

What are two benefits of the sinkhole Internet Protocol (IP) address that DNS Security sends to the client in place of malicious IP addresses? (Choose two.)

A.
The client communicates with it instead of the malicious IP address
A.
The client communicates with it instead of the malicious IP address
Answers
B.
It represents the remediation server that the client should visit for patching
B.
It represents the remediation server that the client should visit for patching
Answers
C.
It will take over as the new DNS resolver for that client and prevent further DNS requests from occurring in the meantime
C.
It will take over as the new DNS resolver for that client and prevent further DNS requests from occurring in the meantime
Answers
D.
In situations where the internal DNS server is between the client and the firewall, it gives the firewall the ability to identify the clients who originated the query to the malicious domain
D.
In situations where the internal DNS server is between the client and the firewall, it gives the firewall the ability to identify the clients who originated the query to the malicious domain
Answers
Suggested answer: A, D

Question 98

Report
Export
Collapse

A customer worried about unknown attacks is hesitant to enable SSL decryption due to privacy and regulatory issues. How does the platform address the customer’s concern?

A.
It overcomes reservations about SSL decrypt by offloading to a higher-capacity firewall to help with the decrypt throughput
A.
It overcomes reservations about SSL decrypt by offloading to a higher-capacity firewall to help with the decrypt throughput
Answers
B.
It shows how AutoFocus can provide visibility into targeted attacks at the industry sector
B.
It shows how AutoFocus can provide visibility into targeted attacks at the industry sector
Answers
C.
It allows a list of websites or URL categories to be defined for exclusion from decryption
C.
It allows a list of websites or URL categories to be defined for exclusion from decryption
Answers
D.
It bypasses the need to decrypt SSL traffic by analyzing the file while still encrypted
D.
It bypasses the need to decrypt SSL traffic by analyzing the file while still encrypted
Answers
Suggested answer: C

Question 99

Report
Export
Collapse

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through.

Which command returns a valid result to verify the ML is working from the command line.

A.
show wfml cloud-status
A.
show wfml cloud-status
Answers
B.
show mlav cloud-status
B.
show mlav cloud-status
Answers
C.
show ml cloud-status
C.
show ml cloud-status
Answers
D.
show av cloud-status
D.
show av cloud-status
Answers
Suggested answer: B

Question 100

Report
Export
Collapse

A Fortune 500 customer has expressed interest in purchasing WildFire; however, they do not want to send discovered malware outside of their network.

Which version of WildFire will meet this customer’s requirements?

A.
WildFire Private Cloud
A.
WildFire Private Cloud
Answers
B.
WildFire Government Cloud
B.
WildFire Government Cloud
Answers
C.
WildFire Secure Cloud
C.
WildFire Secure Cloud
Answers
D.
WildFire Public Cloud
D.
WildFire Public Cloud
Answers
Suggested answer: A
Total 139 questions
Go to page: of 14
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms