Summer Sale - Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 5763r953

Welcome To DumpsPedia
  1. Home
  2. Paloalto Networks
  3. PSE-Strata Professional
  4. PSE-Strata
  5. Palo Alto Networks System Engineer Professional - Strata Questions and Answers

PSE-Strata Sample Questions Answers

Questions 4

Which three considerations should be made prior to installing a decryption policy on the NGFW? (Choose three.)

Options:

A.

Include all traffic types in decryption policy

B.

Inability to access websites

C.

Exclude certain types of traffic in decryption policy

D.

Deploy decryption setting all at one time

E.

Ensure throughput is not an issue

Buy Now
Questions 5

How often are the databases for Anti-virus. Application, Threats, and WildFire subscription updated?

Options:

A.

Anti-virus (weekly): Application (daily). Threats (weekly), WildFire (5 minutes)

B.

Anti-virus (weekly), Application (daily), Threats (daily), WildFire (5 minutes)

C.

Anti-virus (daily), Application (weekly), Threats (weekly), WildFire (5 minutes)

D.

Anti-virus (daily), Application (weekly), Threats (daily), WildFire (5 minutes)

Buy Now
Questions 6

A customer with a legacy firewall architecture is focused on port and protocol level security, and has heard that next generation firewalls open all ports by default. What is the appropriate rebuttal that positions the value of a NGFW over a legacy firewall?

Options:

A.

Palo Alto Networks keep ports closed by default, only opening ports after understanding the application request, and then opening only the application-specified ports.

B.

Palo Alto Networks does not consider port information, instead relying on App-ID signatures that do not reference ports.

C.

Default policies block all interzone traffic. Palo Alto Networks empowers you to control applications by default ports or a configurable list of approved ports on a per-policy basis.

D.

Palo Alto Networks NGFW protects all applications on all ports while leaving all ports opened by default.

Buy Now
Questions 7

An SE is preparing an SLR report for a school and wants to emphasize URL filtering capabilities because the school is concerned that its students are accessing inappropriate websites. The URL categories being chosen by default in the report are not highlighting these types of websites. How should the SE show the customer the firewall can detect that these websites are being accessed?

Options:

A.

Create a footnote within the SLR generation tool

B.

Edit the Key-Findings text to list the other types of categories that may be of interest

C.

Remove unwanted categories listed under 'High Risk' and use relevant information

D.

Produce the report and edit the PDF manually

Buy Now
Questions 8

Which three categories are identified as best practices in the Best Practice Assessment tool? (Choose three.)

Options:

A.

use of decryption policies

B.

measure the adoption of URL filters. App-ID. User-ID

C.

use of device management access and settings

D.

expose the visibility and presence of command-and-control sessions

E.

identify sanctioned and unsanctioned SaaS applications

Buy Now
Questions 9

Which two features can be enabled to support asymmetric routing with redundancy on a Palo

Alto networks next-generation firewall (NGFW)? (Choose two.)

Options:

A.

Active / active high availability (HA)

B.

Multiple virtual systems

C.

non-SYN first packet

D.

Asymmetric routing profile

Buy Now
Questions 10

What can be applied to prevent users from unknowingly downloading malicious file types from the internet?

Options:

A.

A vulnerability profile to security policy rules that deny general web access

B.

An antivirus profile to security policy rules that deny general web access

C.

A zone protection profile to the untrust zone

D.

A file blocking profile to security policy rules that allow general web access

Buy Now
Questions 11

An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer.

The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)

Options:

A.

Control of post rules

B.

Control local firewall rules

C.

Ensure management continuity

D.

Improve log collection redundancy

Buy Now
Questions 12

What are three key benefits of the Palo Alto Networks platform approach to security? (Choose three)

Options:

A.

operational efficiencies due to reduction in manual incident review and decrease in mean time to resolution (MTTR)

B.

improved revenue due to more efficient network traffic throughput

C.

Increased security due to scalable cloud delivered security Services (CDSS)

D.

Cost savings due to reduction in IT management effort and device

Buy Now
Questions 13

In an HA pair running Active/Passive mode, over which interface do the dataplanes communicate?

Options:

A.

HA3

B.

HA1

C.

HA2

D.

HA4

Buy Now
Questions 14

Within the Five-Step Methodology of Zero Trust, in which step would application access and user access be defined?

Options:

A.

Step 3: Architect a Zero Trust Network

B.

Step 5. Monitor and Maintain the Network

C.

Step 4: Create the Zero Trust Policy

D.

Step 1: Define the Protect Surface

E.

Step 2 Map the Protect Surface Transaction Flows

Buy Now
Questions 15

XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy. Which two features must be enabled to meet the customer's requirements? (Choose two.)

Options:

A.

Policy-based forwarding

B.

HA active/active

C.

Virtual systems

D.

HA active/passive

Buy Now
Questions 16

The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile information needed to monitor network security.

The firewall provides which three types of reports? (Choose three.)

Options:

A.

SNMP Reports

B.

PDF Summary Reports

C.

Netflow Reports

D.

Botnet Reports

E.

User or Group Activity Reports

Buy Now
Questions 17

A customer is concerned about malicious activity occurring directly on their endpoints and will not be visible to their firewalls.

Which three actions does the Traps agent execute during a security event, beyond ensuring the prevention of this activity? (Choose three.)

Options:

A.

Informs WildFire and sends up a signature to the Cloud

B.

Collects forensic information about the event

C.

Communicates the status of the endpoint to the ESM

D.

Notifies the user about the event

E.

Remediates the event by deleting the malicious file

Buy Now
Questions 18

A customer with a fully licensed Palo Alto Networks firewall is concerned about threats based on domain generation algorithms (DGAS).

Which Security profile is used to configure Domain Name Security (DNS) to Identity and block

previously unknown DGA-based threats in real time?

Options:

A.

URL Filtering profile

B.

WildFire Analysis profile

C.

Vulnerability Protection profile

D.

Anti-Spyware profile

Buy Now
Questions 19

When the Cortex Data Lake is sized for Traps Management Service, which two factors should be considered? (Choose two.)

Options:

A.

retention requirements

B.

Traps agent forensic data

C.

the number of Traps agents

D.

agent size and OS

Buy Now
Exam Code: PSE-Strata
Exam Name: Palo Alto Networks System Engineer Professional - Strata
Last Update: Apr 17, 2024
Questions: 139
$72  $159.99
$54  $119.99
$45  $99.99
buy now PSE-Strata