Summer Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

PSE-Strata Sample Questions Answers

Questions 4

A customer is looking for an analytics tool that uses the logs on the firewall to detect actionable events on the network. They require something to automatically process a series of related threat events that, when combined, indicate a likely compromised host on their network or some other higher level conclusion. They need to pinpoint the area of risk, such as compromised hosts on the network, allows you to assess the risk and take action to prevent exploitation of network resources.

Which feature of PAN-OS can you talk about to address their requirement to optimize their business outcomes?

Options:

A.

The Automated Correlation Engine

B.

Cortex XDR and Cortex Data Lake

C.

WildFire with API calls for automation

D.

3rd Party SIEM which can ingest NGFW logs and perform event correlation

Buy Now
Questions 5

XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy. Which two features must be enabled to meet the customer's requirements? (Choose two.)

Options:

A.

Policy-based forwarding

B.

HA active/active

C.

Virtual systems

D.

HA active/passive

Buy Now
Questions 6

Which selection must be configured on PAN-OS External Dynamic Lists to support MineMeld indicators?

Options:

A.

Prototype

B.

Inputs

C.

Class

D.

Feed Base URL

Questions 7

Which two components must be configured within User-ID on a new firewall that has been implemented? (Choose two.)

Options:

A.

User Mapping

B.

Proxy Authentication

C.

Group Mapping

D.

802.1X Authentication

Questions 8

Which Palo Alto Networks pre-sales tool involves approximately 4 hour interview to discuss a customer's current security posture?

Options:

A.

BPA

B.

PPA

C.

Expedition

D.

SLR

Buy Now
Questions 9

A customer has business-critical applications that rely on the general web-browsing application. Which security profile can help prevent drive-by-downloads while still allowing web-browsing traffic?

Options:

A.

File Blocking Profile

B.

DoS Protection Profile

C.

URL Filtering Profile

D.

Vulnerability Protection Profile

Buy Now
Questions 10

What are three key benefits of the Palo Alto Networks platform approach to security? (Choose three)

Options:

A.

operational efficiencies due to reduction in manual incident review and decrease in mean time to resolution (MTTR)

B.

improved revenue due to more efficient network traffic throughput

C.

Increased security due to scalable cloud delivered security Services (CDSS)

D.

Cost savings due to reduction in IT management effort and device

Buy Now
Questions 11

A customer requires an analytics tool with the following attributes:

- Uses the logs on the firewall to detect actionable events on the network

- Automatically processes a series of related threat events that, when combines, indicate a likely comprised host on the network

- Pinpoints the area of risk and allows for assessment of the risk to action can be taken to prevent exploitation of network resources

Which feature of PAN-OS will address these requirements?

Options:

A.

WildFire with application program interface (API) calls for automation

B.

Third-party security information and event management (SIEM) which can ingest next-generation firewall (NGFW) logs

C.

Automated correlation engine (ACE)

D.

Cortex XDR and Cortex Data Lake

Buy Now
Questions 12

What are two core values of the Palo Alto Network Security Operating Platform? (Choose two.}

Options:

A.

prevention of cyber attacks

B.

safe enablement of all applications

C.

threat remediation

D.

defense against threats with static security solution

Buy Now
Questions 13

The need for a file proxy solution, virus and spyware scanner, a vulnerability scanner, and HTTP decoder for URL filtering is handled by which component in the NGFW?

Options:

A.

First Packet Processor

B.

Stream-based Signature Engine

C.

SIA (Scan It All) Processing Engine

D.

Security Processing Engine

Buy Now
Questions 14

Which two products can send logs to the Cortex Data Lake? (Choose two.)

Options:

A.

AutoFocus

B.

PA-3260 firewall

C.

Prisma Access

D.

Prisma Public Cloud

Buy Now
Questions 15

What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?

Options:

A.

allow the request and all subsequent responses

B.

temporarily disable the DNS Security function

C.

block the query

D.

discard the request and all subsequent responses

Buy Now
Questions 16

WildFire subscription supports analysis of which three types? (Choose three.)

Options:

A.

GIF

B.

7-Zip

C.

Flash

D.

RPM

E.

ISO

F.

DMG

Buy Now
Questions 17

In which two ways can PAN-OS software consume MineMeld outputs? (Choose two.)

Options:

A.

TXT

B.

API

C.

CSV

D.

EDL

Buy Now
Questions 18

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through.

Which command returns a valid result to verify the ML is working from the command line.

Options:

A.

show wfml cloud-status

B.

show mlav cloud-status

C.

show ml cloud-status

D.

show av cloud-status

Buy Now
Questions 19

Which are the three mandatory components needed to run Cortex XDR? (Choose three.)

Options:

A.

Panorama

B.

NGFW with PANOS 8 0.5 or later

C.

Cortex Data Lake

D.

Traps

E.

Pathfinder

F.

Directory Syn Service

Buy Now
Questions 20

The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile information needed to monitor network security.

The firewall provides which three types of reports? (Choose three.)

Options:

A.

SNMP Reports

B.

PDF Summary Reports

C.

Netflow Reports

D.

Botnet Reports

E.

User or Group Activity Reports

Buy Now
Questions 21

In PAN-OS 10.0 and later, DNS Security allows policy actions to be applied based on which three domains? (Choose three.)

Options:

A.

grayware

B.

command and control (C2)

C.

benign

D.

government

E.

malware

Buy Now
Questions 22

Which domain permissions are required by the User-ID Agent for WMI Authentication on a Windows Server? (Choose three.)

Options:

A.

Domain Administrators

B.

Enterprise Administrators

C.

Distributed COM Users

D.

Event Log Readers

E.

Server Operator

Buy Now
Questions 23

A customer with a fully licensed Palo Alto Networks firewall is concerned about threats based on domain generation algorithms (DGAS).

Which Security profile is used to configure Domain Name Security (DNS) to Identity and block

previously unknown DGA-based threats in real time?

Options:

A.

URL Filtering profile

B.

WildFire Analysis profile

C.

Vulnerability Protection profile

D.

Anti-Spyware profile

Buy Now
Questions 24

Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface?

A)

B)

C)

D)

Options:

A.

Option

B.

Option

C.

Option

D.

Option

Questions 25

Which three settings must be configured to enable Credential Phishing Prevention? (Choose three.)

Options:

A.

define an SSL decryption rulebase

B.

enable User-ID

C.

validate credential submission detection

D.

enable App-ID

E.

define URL Filtering Profile

Questions 26

Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

Options:

A.

Security policy rule

B.

Tag

C.

Login ID

D.

IP address

Buy Now
Questions 27

Which three considerations should be made prior to installing a decryption policy on the NGFW? (Choose three.)

Options:

A.

Include all traffic types in decryption policy

B.

Inability to access websites

C.

Exclude certain types of traffic in decryption policy

D.

Deploy decryption setting all at one time

E.

Ensure throughput is not an issue

Buy Now
Questions 28

For customers with high bandwidth requirements for Service Connections, what two limitations exist when onboarding multiple Service Connections to the same Prisma Access location servicing a single

Datacenter? (Choose two.)

Options:

A.

Network segments in the Datacenter need to be advertised to only one Service Connection

B.

The customer edge device needs to support policy-based routing with symmetric return functionality

C.

The resources in the Datacenter will only be able to reach remote network resources that share the same region

D.

A maximum of four service connections per Datacenter are supported with this topology

Buy Now
Questions 29

When the Cortex Data Lake is sized for Prisma Access mobile users, what is a valid log size range you would use per day. per user?

Options:

A.

1500 to 2500 bytes

B.

10MB to 30 MB

C.

1MB to 5 MB

D.

100MB to 200 MB

Buy Now
Questions 30

Match the WildFire Inline Machine Learning Model to the correct description for that model.

Options:

Buy Now
Questions 31

Which three platform components can identify and protect against malicious email links? (Choose three.)

Options:

A.

WildFire hybrid cloud solution

B.

WildFire public cloud

C.

WF-500

D.

M-200

E.

M-600

Buy Now
Questions 32

Which three script types can be analyzed in WildFire? (Choose three)

Options:

A.

PythonScript

B.

MonoSenpt

C.

JScript

D.

PowerShell Script

E.

VBScript

Buy Now
Questions 33

A customer requires protections and verdicts for portable executable (PE) and executable and linkable format (ELF), as well as the ability to integrate with existing security tools.

Which Cloud-Delivered Security Service (CDSS) does Palo Alto Networks provide that will address this requirement?

Options:

A.

Dynamic Unpacking

B.

WildFire

C.

DNS Security

D.

File Blocking profile

Buy Now
Questions 34

A WildFire subscription is required for which two of the following activities? (Choose two)

Options:

A.

Filter uniform resource locator (URL) sites by category.

B.

Forward advanced file types from the firewall for analysis.

C.

Use the WildFire Application Programming Interface (API) to submit website links for analysis

D.

Enforce policy based on Host Information Profile (HIP)

E.

Decrypt Secure Sockets Layer (SSL)

Buy Now
Questions 35

in which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data, applications, assets, and services (DAAS) be identified?

Options:

A.

Step 4. Create the Zero Trust policy.

B.

Step 2: Map the transaction flows.

C.

Step 3. Architect a Zero Trust network.

D.

Step 1: Define the protect surface

Buy Now
Questions 36

Palo Alto Networks publishes updated Command-and-Control signatures. How frequently should the related signatures schedule be set?

Options:

A.

Once a day

B.

Once a week

C.

Once every minute

D.

Once an hour

Buy Now
Questions 37

In an HA pair running Active/Passive mode, over which interface do the dataplanes communicate?

Options:

A.

HA3

B.

HA1

C.

HA2

D.

HA4

Buy Now
Questions 38

Which CLI allows you to view the names of SD-WAN policy rules that send traffic to the specified virtual SD-WAN interface, along with the performance metrics?

A)

B)

C)

D)

Options:

A.

Option

B.

Option

C.

Option

D.

Option

Questions 39

A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds.

How is this goal accomplished?

Options:

A.

Create a custom spyware signature matching the known signature with the time attribute

B.

Add a correlation object that tracks the occurrences and triggers above the desired threshold

C.

Submit a request to Palo Alto Networks to change the behavior at the next update

D.

Configure the Anti-Spyware profile with the number of rule counts to match the occurrence frequency

Buy Now
Questions 40

Which three features are used to prevent abuse of stolen credentials? (Choose three.)

Options:

A.

multi-factor authentication

B.

URL Filtering Profiles

C.

WildFire Profiles

D.

Prisma Access

E.

SSL decryption rules

Buy Now
Questions 41

What is the key benefit of Palo Alto Networks Single Pass Parallel Processing design?

Options:

A.

There are no benefits other than slight performance upgrades

B.

It allows Palo Alto Networks to add new functions to existing hardware

C.

Only one processor is needed to complete all the functions within the box

D.

It allows Palo Alto Networks to add new devices to existing hardware

Buy Now
Exam Code: PSE-Strata
Exam Name: Palo Alto Networks System Engineer Professional - Strata
Last Update: Jun 18, 2024
Questions: 137
$64  $159.99
$48  $119.99
$40  $99.99
buy now PSE-Strata