ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PSE-Strata

Palo Alto Networks PSE-Strata Practice Test - Questions Answers, Page 14

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which component is needed for a large-scale deployment of NGFWs with multiple Panorama Management Servers?
WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through. Which command returns a valid result to verify the ML is working from the command line.
Which security profile on the NGFW includes signatures to protect you from brute force attacks?
Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface? A) B) C) D)
A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer uses a firewall with User-ID enabled Which feature must also be enabled to prevent these attacks?
An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer. The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)
Which two features are found in a Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)
Which three script types can be analyzed in WildFire? (Choose three)
When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can belogged?
Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

Question 131

Report
Export
Collapse

What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?

A.
allow the request and all subsequent responses
A.
allow the request and all subsequent responses
Answers
B.
temporarily disable the DNS Security function
B.
temporarily disable the DNS Security function
Answers
C.
block the query
C.
block the query
Answers
D.
discard the request and all subsequent responses
D.
discard the request and all subsequent responses
Answers
Suggested answer: A

Question 132

Report
Export
Collapse

What is the default behavior in PAN-OS when a 12 MB portable executable (PE) fe is forwarded to the WildFire cloud service?

A.
PE File is not forwarded.
A.
PE File is not forwarded.
Answers
B.
Flash file is not forwarded.
B.
Flash file is not forwarded.
Answers
C.
PE File is forwarded
C.
PE File is forwarded
Answers
D.
Flash file is forwarded
D.
Flash file is forwarded
Answers
Suggested answer: C

Question 133

Report
Export
Collapse

What is an advantage of having WildFire machine learning (ML) capability Inline on the firewall?

A.
It eliminates of the necessity for dynamic analysis in the cloud
A.
It eliminates of the necessity for dynamic analysis in the cloud
Answers
B.
It enables the firewall to block unknown malicious files in real time and prevent patient zero without disrupting business productivity
B.
It enables the firewall to block unknown malicious files in real time and prevent patient zero without disrupting business productivity
Answers
C.
It is always able to give more accurate verdicts than the cloud ML analysis reducing false positives and false negatives
C.
It is always able to give more accurate verdicts than the cloud ML analysis reducing false positives and false negatives
Answers
D.
It improves the CPU performance of content inspection
D.
It improves the CPU performance of content inspection
Answers
Suggested answer: B

Question 134

Report
Export
Collapse

Which three script types can be analyzed in WildFire? (Choose three)

A.
PythonScript
A.
PythonScript
Answers
B.
MonoSenpt
B.
MonoSenpt
Answers
C.
JScript
C.
JScript
Answers
D.
PowerShell Script
D.
PowerShell Script
Answers
E.
VBScript
E.
VBScript
Answers
Suggested answer: A, C, E

Question 135

Report
Export
Collapse

What are two ways to manually add and remove members of dynamic user groups (DUGs)? (Choose two)

A.
Add the user to an external dynamic list (EDL).
A.
Add the user to an external dynamic list (EDL).
Answers
B.
Tag the user using Panorama or the Web Ul of the firewall.
B.
Tag the user using Panorama or the Web Ul of the firewall.
Answers
C.
Tag the user through the firewalls XML API.
C.
Tag the user through the firewalls XML API.
Answers
D.
Tag the user through Active Directory
D.
Tag the user through Active Directory
Answers
Suggested answer: B, C

Question 136

Report
Export
Collapse

A packet that is already associated with a current session arrives at the firewall.

What is the flow of the packet after the firewall determines that it is matched with an existing session?

A.
it is sent through the fast path because session establishment is not required. If subject to content inspection, it will pass through a single stream-based content inspection engine before egress.
A.
it is sent through the fast path because session establishment is not required. If subject to content inspection, it will pass through a single stream-based content inspection engine before egress.
Answers
B.
It is sent through the slow path for further inspection. If subject to content inspection, it will pass through a single stream-based content inspection engines before egress
B.
It is sent through the slow path for further inspection. If subject to content inspection, it will pass through a single stream-based content inspection engines before egress
Answers
C.
It is sent through the fast path because session establishment is not required. If subject to content inspection, it will pass through multiple content inspection engines before egress
C.
It is sent through the fast path because session establishment is not required. If subject to content inspection, it will pass through multiple content inspection engines before egress
Answers
D.
It is sent through the slow path for further inspection. If subject to content inspection, it will pass through multiple content inspection engines before egress
D.
It is sent through the slow path for further inspection. If subject to content inspection, it will pass through multiple content inspection engines before egress
Answers
Suggested answer: A

Question 137

Report
Export
Collapse

What helps avoid split brain in active / passive high availability (HA) pair deployment?

A.
Enable preemption on both firewalls in the HA pair.
A.
Enable preemption on both firewalls in the HA pair.
Answers
B.
Use a standard traffic interface as the HA3 link.
B.
Use a standard traffic interface as the HA3 link.
Answers
C.
Use the management interface as the HA1 backup link
C.
Use the management interface as the HA1 backup link
Answers
D.
Use a standard traffic interface as the HA2 backup
D.
Use a standard traffic interface as the HA2 backup
Answers
Suggested answer: C

Question 138

Report
Export
Collapse

The Palo Ao Networks Cloud Identity Engino (CIE) includes which service that supports identity Providers (ldP)?

A.
Directory Sync and Cloud Authentication Service that support IdP ung SAML 2.0 and OAuth2
A.
Directory Sync and Cloud Authentication Service that support IdP ung SAML 2.0 and OAuth2
Answers
B.
Cloud Authentication Service that supports IdP using SAML 2.0 and OAuth2
B.
Cloud Authentication Service that supports IdP using SAML 2.0 and OAuth2
Answers
C.
Directory Sync and Cloud Authentication Service that support IdP ng SAML 2.0
C.
Directory Sync and Cloud Authentication Service that support IdP ng SAML 2.0
Answers
D.
Directory Sync that supports IdP using SAML 2.0
D.
Directory Sync that supports IdP using SAML 2.0
Answers
Suggested answer: A

Question 139

Report
Export
Collapse

Which component is needed for a large-scale deployment of NGFWs with multiple Panorama Management Servers?

A.
M-600 appliance
A.
M-600 appliance
Answers
B.
Panorama Interconnect plugin
B.
Panorama Interconnect plugin
Answers
C.
Panorama Large Scale VPN (LSVPN) plugin
C.
Panorama Large Scale VPN (LSVPN) plugin
Answers
D.
Palo Alto Networks Cluster license
D.
Palo Alto Networks Cluster license
Answers
Suggested answer: B

Explanation:


Total 139 questions
Go to page: of 14
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms