ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PSE-Strata

Palo Alto Networks PSE-Strata Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through. Which command returns a valid result to verify the ML is working from the command line.
Which security profile on the NGFW includes signatures to protect you from brute force attacks?
Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface? A) B) C) D)
A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer uses a firewall with User-ID enabled Which feature must also be enabled to prevent these attacks?
An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer. The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)
Which two features are found in a Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)
Which component is needed for a large-scale deployment of NGFWs with multiple Panorama Management Servers?
Which three script types can be analyzed in WildFire? (Choose three)
When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can belogged?
Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

Question 101

Report
Export
Collapse

Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

A.
Security policy rule
A.
Security policy rule
Answers
B.
Tag
B.
Tag
Answers
C.
Login ID
C.
Login ID
Answers
D.
IP address
D.
IP address
Answers
Suggested answer: B

Question 102

Report
Export
Collapse

A customer is starting to understand their Zero Trust protect surface using the Palo Alto Networks Zero Trust reference architecture.

What are two steps in this process? (Choose two.)

A.
Validate user identities through authentication
A.
Validate user identities through authentication
Answers
B.
Gain visibility of and control over applications and functionality in the traffic flow using a port and protocol firewall
B.
Gain visibility of and control over applications and functionality in the traffic flow using a port and protocol firewall
Answers
C.
Categorize data and applications by levels of sensitivity
C.
Categorize data and applications by levels of sensitivity
Answers
D.
Prioritize securing the endpoints of privileged users because if non-privileged user endpoints are exploited, the impact will be minimal due to perimeter controls
D.
Prioritize securing the endpoints of privileged users because if non-privileged user endpoints are exploited, the impact will be minimal due to perimeter controls
Answers
Suggested answer: A, C

Question 103

Report
Export
Collapse

Which proprietary technology solutions will allow a customer to identify and control traffic sources regardless of internet protocol (IP) address or network segment?

A.
User ID and Device-ID
A.
User ID and Device-ID
Answers
B.
Source-D and Network.ID
B.
Source-D and Network.ID
Answers
C.
Source ID and Device-ID
C.
Source ID and Device-ID
Answers
D.
User-ID and Source-ID
D.
User-ID and Source-ID
Answers
Suggested answer: A

Question 104

Report
Export
Collapse

When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can belogged?

A.
X-Forwarded-For
A.
X-Forwarded-For
Answers
B.
HTTP method
B.
HTTP method
Answers
C.
HTTP response status code
C.
HTTP response status code
Answers
D.
Content type
D.
Content type
Answers
Suggested answer: A

Question 105

Report
Export
Collapse

Which statement applies to Palo Alto Networks Single Pass Parallel Processing (SP3)?

A.
It processes each feature in a separate single pass with additional performance impact for each enabled feature.
A.
It processes each feature in a separate single pass with additional performance impact for each enabled feature.
Answers
B.
Its processing applies only to security features and does not include any networking features.
B.
Its processing applies only to security features and does not include any networking features.
Answers
C.
It processes all traffic in a single pass with no additional performance impact for each enabled feature.
C.
It processes all traffic in a single pass with no additional performance impact for each enabled feature.
Answers
D.
It splits the traffic and processes all security features in a single pass and all network features in a separate pass
D.
It splits the traffic and processes all security features in a single pass and all network features in a separate pass
Answers
Suggested answer: C

Question 106

Report
Export
Collapse

WildFire can discover zero-day malware in which three types of traffic? (Choose three)

A.
SMTP
A.
SMTP
Answers
B.
HTTPS
B.
HTTPS
Answers
C.
FTP
C.
FTP
Answers
D.
DNS
D.
DNS
Answers
E.
TFTP
E.
TFTP
Answers
Suggested answer: A, B, C

Question 107

Report
Export
Collapse

In Panorama, which three reports or logs will help identify the inclusion of a host source in a command-and-control (C2) incident? (Choose three.)

A.
SaaS reports
A.
SaaS reports
Answers
B.
data filtering logs
B.
data filtering logs
Answers
C.
WildFire analysis reports
C.
WildFire analysis reports
Answers
D.
threat logs
D.
threat logs
Answers
E.
botnet reports
E.
botnet reports
Answers
Suggested answer: C, D, E

Question 108

Report
Export
Collapse

What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?

A.
Run a Perl script to regularly check for updates and alert when one is released
A.
Run a Perl script to regularly check for updates and alert when one is released
Answers
B.
Monitor update announcements and manually push updates to Crewall
B.
Monitor update announcements and manually push updates to Crewall
Answers
C.
Store updates on an intermediary server and point all the firewalls to it
C.
Store updates on an intermediary server and point all the firewalls to it
Answers
D.
Use dynamic updates with the most aggressive schedule required by business needs
D.
Use dynamic updates with the most aggressive schedule required by business needs
Answers
Suggested answer: D

Question 109

Report
Export
Collapse

Which of the following statements is valid with regard to Domain Name System (DNS) sinkholing?

A.
it requires the Vulnerability Protection profile to be enabled
A.
it requires the Vulnerability Protection profile to be enabled
Answers
B.
DNS sinkholing signatures are packaged and delivered through Vulnerability Protection updates
B.
DNS sinkholing signatures are packaged and delivered through Vulnerability Protection updates
Answers
C.
infected hosts connecting to the Sinkhole Internet Protocol (IP) address can be identified in the traffic logs
C.
infected hosts connecting to the Sinkhole Internet Protocol (IP) address can be identified in the traffic logs
Answers
D.
It requires a Sinkhole license in order to activate
D.
It requires a Sinkhole license in order to activate
Answers
Suggested answer: C

Question 110

Report
Export
Collapse

A customer with a fully licensed Palo Alto Networks firewall is concerned about threats based on domain generation algorithms (DGAS).

Which Security profile is used to configure Domain Name Security (DNS) to Identity and block previously unknown DGA-based threats in real time?

A.
URL Filtering profile
A.
URL Filtering profile
Answers
B.
WildFire Analysis profile
B.
WildFire Analysis profile
Answers
C.
Vulnerability Protection profile
C.
Vulnerability Protection profile
Answers
D.
Anti-Spyware profile
D.
Anti-Spyware profile
Answers
Suggested answer: D
Total 139 questions
Go to page: of 14
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms