ExamGecko
Login
Home / Palo Alto Networks / PSE-Strata / List of questions
Ask Question

Palo Alto Networks PSE-Strata Practice Test - Questions Answers, Page 10

List of questions

Question 91

Report
Export
Collapse

XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy.

Which two features must be enabled to meet the customer’s requirements? (Choose two.)

Virtual systems
Virtual systems
HA active/active
HA active/active
HA active/passive
HA active/passive
Policy-based forwarding
Policy-based forwarding
Suggested answer: B, D
asked 23/09/2024
Danyail Storey
28 questions

Question 92

Report
Export
Collapse

Access to a business site is blocked by URL Filtering inline machine learning (ML) and considered as a false-positive.

How should the site be made available?

Disable URL Filtering inline ML
Disable URL Filtering inline ML
Create a custom URL category and add it to the Security policy
Create a custom URL category and add it to the Security policy
Create a custom URL category and add it on exception of the inline ML profile
Create a custom URL category and add it on exception of the inline ML profile
Change the action of real-time detection category on URL filtering profile
Change the action of real-time detection category on URL filtering profile
Suggested answer: C
asked 23/09/2024
Laurence Peterson
34 questions

Question 93

Report
Export
Collapse

Which two features can be enabled to support asymmetric routing with redundancy on a Palo Alto networks next-generation firewall (NGFW)? (Choose two.)

Active / active high availability (HA)
Active / active high availability (HA)
Multiple virtual systems
Multiple virtual systems
non-SYN first packet
non-SYN first packet
Asymmetric routing profile
Asymmetric routing profile
Suggested answer: A, C
asked 23/09/2024
Yahya Ozer
35 questions

Question 94

Report
Export
Collapse

Which three mechanisms are valid for enabling user mapping? (Choose three.)

Captive Portal
Captive Portal
Domain server monitoring
Domain server monitoring
Reverse DNS lookup
Reverse DNS lookup
User behaviour recognition
User behaviour recognition
Client probing
Client probing
Suggested answer: A, B, E
asked 23/09/2024
Peter Chong
37 questions

Question 95

Report
Export
Collapse

Which three of the following actions must be taken to enable Credential Phishing Prevention?

(Choose three.)

Enable User Credential Detection
Enable User Credential Detection
Enable User-ID
Enable User-ID
Define a Secure Sockets Layer (SSL) decryption rule base
Define a Secure Sockets Layer (SSL) decryption rule base
Enable App-ID
Enable App-ID
Define a uniform resource locator (URL) Filtering profile
Define a uniform resource locator (URL) Filtering profile
Suggested answer: A, B, E
asked 23/09/2024
Tresor Garcia
40 questions

Question 96

Report
Export
Collapse

Which two configuration elements can be used to prevent abuse of stolen credentials? (Choose two.)

WildFire analysis
WildFire analysis
Dynamic user groups (DUGs)
Dynamic user groups (DUGs)
Multi-factor authentication (MFA)
Multi-factor authentication (MFA)
URL Filtering Profiles
URL Filtering Profiles
Suggested answer: C, D
asked 23/09/2024
Dylan Ogle
45 questions

Question 97

Report
Export
Collapse

What are two benefits of the sinkhole Internet Protocol (IP) address that DNS Security sends to the client in place of malicious IP addresses? (Choose two.)

The client communicates with it instead of the malicious IP address
The client communicates with it instead of the malicious IP address
It represents the remediation server that the client should visit for patching
It represents the remediation server that the client should visit for patching
It will take over as the new DNS resolver for that client and prevent further DNS requests from occurring in the meantime
It will take over as the new DNS resolver for that client and prevent further DNS requests from occurring in the meantime
In situations where the internal DNS server is between the client and the firewall, it gives the firewall the ability to identify the clients who originated the query to the malicious domain
In situations where the internal DNS server is between the client and the firewall, it gives the firewall the ability to identify the clients who originated the query to the malicious domain
Suggested answer: A, D
asked 23/09/2024
KHALID ALSHAHRANI
46 questions

Question 98

Report
Export
Collapse

A customer worried about unknown attacks is hesitant to enable SSL decryption due to privacy and regulatory issues. How does the platform address the customer’s concern?

It overcomes reservations about SSL decrypt by offloading to a higher-capacity firewall to help with the decrypt throughput
It overcomes reservations about SSL decrypt by offloading to a higher-capacity firewall to help with the decrypt throughput
It shows how AutoFocus can provide visibility into targeted attacks at the industry sector
It shows how AutoFocus can provide visibility into targeted attacks at the industry sector
It allows a list of websites or URL categories to be defined for exclusion from decryption
It allows a list of websites or URL categories to be defined for exclusion from decryption
It bypasses the need to decrypt SSL traffic by analyzing the file while still encrypted
It bypasses the need to decrypt SSL traffic by analyzing the file while still encrypted
Suggested answer: C
asked 23/09/2024
stefano atzei
33 questions

Question 99

Report
Export
Collapse

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through.

Which command returns a valid result to verify the ML is working from the command line.

show wfml cloud-status
show wfml cloud-status
show mlav cloud-status
show mlav cloud-status
show ml cloud-status
show ml cloud-status
show av cloud-status
show av cloud-status
Suggested answer: B
asked 23/09/2024
Emmanuel ogoro
34 questions

Question 100

Report
Export
Collapse

A Fortune 500 customer has expressed interest in purchasing WildFire; however, they do not want to send discovered malware outside of their network.

Which version of WildFire will meet this customer’s requirements?

WildFire Private Cloud
WildFire Private Cloud
WildFire Government Cloud
WildFire Government Cloud
WildFire Secure Cloud
WildFire Secure Cloud
WildFire Public Cloud
WildFire Public Cloud
Suggested answer: A
asked 23/09/2024
Mathias Bergman
25 questions
Total 139 questions
Go to page: of 14
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which three methods used to map users to IP addresses are supported in Palo Alto Networks firewalls? (Choose three.)
Which four steps of the cyberattack lifecycle does the Palo Alto Networks Security Operating Platform prevent? (Choose four.)
A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer uses a firewall with User-ID enabled Which feature must also be enabled to prevent these attacks?
Which selection must be configured on PAN-OS External Dynamic Lists to support MineMeld indicators?
Which are the three mandatory components needed to run Cortex XDR? (Choose three.)
Which three considerations should be made prior to installing a decryption policy on the NGFW? (Choose three.)
Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface? A) B) C) D)
Which two network events are highlighted through correlation objects as potential security risks? (Choose two.)
Which CLI allows you to view the names of SD-WAN policy rules that send traffic to the specified virtual SD-WAN interface, along with the performance metrics? A) B) C) D)
What are three sources of malware sample data for the Threat Intelligence Cloud? (Choose three)