ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PSE-Strata

Palo Alto Networks PSE-Strata Practice Test - Questions Answers, Page 2

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through. Which command returns a valid result to verify the ML is working from the command line.
Which security profile on the NGFW includes signatures to protect you from brute force attacks?
A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer uses a firewall with User-ID enabled Which feature must also be enabled to prevent these attacks?
An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer. The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)
Which two features are found in a Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)
Which component is needed for a large-scale deployment of NGFWs with multiple Panorama Management Servers?
Which three script types can be analyzed in WildFire? (Choose three)
When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can belogged?
Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?
Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface? A) B) C) D)

Question 11

Report
Export
Collapse

What are two benefits of using Panorama for a customer who is deploying virtual firewalls to secure data center traffic? (Choose two.)

A.
It can provide the Automated Correlation Engine functionality, which the virtual firewalls do not support.
A.
It can provide the Automated Correlation Engine functionality, which the virtual firewalls do not support.
Answers
B.
It can monitor the virtual firewalls' physical hosts and Vmotion them as necessary
B.
It can monitor the virtual firewalls' physical hosts and Vmotion them as necessary
Answers
C.
It can automatically create address groups for use with KVM.
C.
It can automatically create address groups for use with KVM.
Answers
D.
It can bootstrap the virtual firewalls for dynamic deployment scenarios.
D.
It can bootstrap the virtual firewalls for dynamic deployment scenarios.
Answers
Suggested answer: A, D

Question 12

Report
Export
Collapse

Which two tabs in Panorama can be used to identify templates to define a common base configuration? (Choose two.)

A.
Network Tab
A.
Network Tab
Answers
B.
Policies Tab
B.
Policies Tab
Answers
C.
Device Tab
C.
Device Tab
Answers
D.
Objects Tab
D.
Objects Tab
Answers
Suggested answer: A, C

Explanation:

https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/panorama-webinterface/panorama-templates/template-stacks

Question 13

Report
Export
Collapse

An endpoint, inside an organization, is infected with known malware that attempts to make a command-and-control connection to a C2 server via the destination IP address Which mechanism prevents this connection from succeeding?

A.
DNS Sinkholing
A.
DNS Sinkholing
Answers
B.
DNS Proxy
B.
DNS Proxy
Answers
C.
Anti-Spyware Signatures
C.
Anti-Spyware Signatures
Answers
D.
Wildfire Analysis
D.
Wildfire Analysis
Answers
Suggested answer: A

Question 14

Report
Export
Collapse

How frequently do WildFire signatures move into the antivirus database?

A.
every 24 hours
A.
every 24 hours
Answers
B.
every 12 hours
B.
every 12 hours
Answers
C.
once a week
C.
once a week
Answers
D.
every 1 hour
D.
every 1 hour
Answers
Suggested answer: A

Explanation:

https://docs.paloaltonetworks.com/wildfire/9-0/wildfire-admin/wildfire-overview/wildfireconcepts/wildfire-signatures

Question 15

Report
Export
Collapse

What are two presales selling advantages of using Expedition? (Choose two.)

A.
map migration gaps to professional services statement of Works (SOWs)
A.
map migration gaps to professional services statement of Works (SOWs)
Answers
B.
streamline & migrate to Layer7 policies using Policy Optimizer
B.
streamline & migrate to Layer7 policies using Policy Optimizer
Answers
C.
reduce effort to implement policies based on App-ID and User-ID
C.
reduce effort to implement policies based on App-ID and User-ID
Answers
D.
easy migration process to move to Palo Alto Networks NGFWs
D.
easy migration process to move to Palo Alto Networks NGFWs
Answers
Suggested answer: A, D

Question 16

Report
Export
Collapse

Which two features are found in a Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)

A.
Traffic is separated by zones
A.
Traffic is separated by zones
Answers
B.
Policy match is based on application
B.
Policy match is based on application
Answers
C.
Identification of application is possible on any port
C.
Identification of application is possible on any port
Answers
D.
Traffic control is based on IP port, and protocol
D.
Traffic control is based on IP port, and protocol
Answers
Suggested answer: B, C

Question 17

Report
Export
Collapse

An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer.

The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)

A.
Control of post rules
A.
Control of post rules
Answers
B.
Control local firewall rules
B.
Control local firewall rules
Answers
C.
Ensure management continuity
C.
Ensure management continuity
Answers
D.
Improve log collection redundancy
D.
Improve log collection redundancy
Answers
Suggested answer: C, D

Question 18

Report
Export
Collapse

Which CLI allows you to view the names of SD-WAN policy rules that send traffic to the specified virtual SD-WAN interface, along with the performance metrics?

A)

B)

C)

D)

A.
Option
A.
Option
Answers
B.
Option
B.
Option
Answers
C.
Option
C.
Option
Answers
D.
Option
D.
Option
Answers
Suggested answer: A

Explanation:

https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin/troubleshooting/use-cli-commands-for-sd-wan-tasks.html

Question 19

Report
Export
Collapse

Which two network events are highlighted through correlation objects as potential security risks?

(Choose two.)

A.
Identified vulnerability exploits
A.
Identified vulnerability exploits
Answers
B.
Launch of an identified malware executable file
B.
Launch of an identified malware executable file
Answers
C.
Endpoints access files from a removable drive
C.
Endpoints access files from a removable drive
Answers
D.
Suspicious host behavior
D.
Suspicious host behavior
Answers
Suggested answer: A, D

Question 20

Report
Export
Collapse

Which three categories are identified as best practices in the Best Practice Assessment tool? (Choose three.)

A.
use of decryption policies
A.
use of decryption policies
Answers
B.
measure the adoption of URL filters. App-ID. User-ID
B.
measure the adoption of URL filters. App-ID. User-ID
Answers
C.
use of device management access and settings
C.
use of device management access and settings
Answers
D.
expose the visibility and presence of command-and-control sessions
D.
expose the visibility and presence of command-and-control sessions
Answers
E.
identify sanctioned and unsanctioned SaaS applications
E.
identify sanctioned and unsanctioned SaaS applications
Answers
Suggested answer: A, B, E
Total 139 questions
Go to page: of 14
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms