Summer Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 1271b8m643

PSE-Strata Exam Dumps - Palo Alto Networks System Engineer Professional - Strata

Question # 4

Which CLI allows you to view the names of SD-WAN policy rules that send traffic to the specified virtual SD-WAN interface, along with the performance metrics?

A)

B)

C)

D)

A.

Option

B.

Option

C.

Option

D.

Option

Full Access
Question # 5

Which three components are specific to the Query Builder found in the Custom Report creation dialog of the firewall? (Choose three.)

A.

Connector

B.

Database

C.

Recipient

D.

Operator

E.

Attribute

F.

Schedule

Full Access
Question # 6

What action would address the sub-optimal traffic path shown in the figure?

Key:

RN - Remote Network

SC - Service Connection

MU GW - Mobile User Gateway

A.

Onboard a Service Connection in the Americas region

B.

Remove the Service Connection in the EMEA region

C.

Onboard a Service Connection in the APAC region

D.

Onboard a Remote Network location in the EMEA region

Full Access
Question # 7

A WildFire subscription is required for which two of the following activities? (Choose two)

A.

Filter uniform resource locator (URL) sites by category.

B.

Forward advanced file types from the firewall for analysis.

C.

Use the WildFire Application Programming Interface (API) to submit website links for analysis

D.

Enforce policy based on Host Information Profile (HIP)

E.

Decrypt Secure Sockets Layer (SSL)

Full Access
Question # 8

Which two types of security chains are supported by the Decryption Broker? (Choose two.)

A.

virtual wire

B.

transparent bridge

C.

Layer 3

D.

Layer 2

Full Access
Question # 9

Which two new file types are supported on the WF-500 in PAN-OS 9? (Choose two)

A.

ELF

B.

7-Zip

C.

Zip

D.

RAR

Full Access
Question # 10

When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can be logged?

A.

X-Forwarded-For

B.

HTTP method

C.

HTTP response status code

D.

Content type

Full Access
Question # 11

Which two products can send logs to the Cortex Data Lake? (Choose two.)

A.

AutoFocus

B.

PA-3260 firewall

C.

Prisma Access

D.

Prisma Public Cloud

Full Access
Question # 12

Which four actions can be configured in an Anti-Spyware profile to address command-and-control traffic from compromised hosts? (Choose four.)

A.

Quarantine

B.

Allow

C.

Reset

D.

Redirect

E.

Drop

F.

Alert

Full Access
Question # 13

A customer with a legacy firewall architecture is focused on port and protocol level security, and has heard that next generation firewalls open all ports by default. What is the appropriate rebuttal that positions the value of a NGFW over a legacy firewall?

A.

Palo Alto Networks keep ports closed by default, only opening ports after understanding the application request, and then opening only the application-specified ports.

B.

Palo Alto Networks does not consider port information, instead relying on App-ID signatures that do not reference ports.

C.

Default policies block all interzone traffic. Palo Alto Networks empowers you to control applications by default ports or a configurable list of approved ports on a per-policy basis.

D.

Palo Alto Networks NGFW protects all applications on all ports while leaving all ports opened by default.

Full Access
Question # 14

Which two network events are highlighted through correlation objects as potential security risks? (Choose two.)

A.

Identified vulnerability exploits

B.

Launch of an identified malware executable file

C.

Endpoints access files from a removable drive

D.

Suspicious host behavior

Full Access
Question # 15

Which two tabs in Panorama can be used to identify templates to define a common base configuration? (Choose two.)

A.

Network Tab

B.

Policies Tab

C.

Device Tab

D.

Objects Tab

Full Access
Question # 16

Which two methods are used to check for Corporate Credential Submissions? (Choose two.)

A.

doman credentialiter

B.

User-ID credential check

C.

LDAP query

D.

IP user mapping

Full Access
Question # 17

Which three features are used to prevent abuse of stolen credentials? (Choose three.)

A.

multi-factor authentication

B.

URL Filtering Profiles

C.

WildFire Profiles

D.

Prisma Access

E.

SSL decryption rules

Full Access
Question # 18

What is an advantage of having WildFire machine learning (ML) capability Inline on the firewall?

A.

It eliminates of the necessity for dynamic analysis in the cloud

B.

It enables the firewall to block unknown malicious files in real time and prevent patient zero without disrupting business productivity

C.

It is always able to give more accurate verdicts than the cloud ML analysis reducing false positives and false negatives

D.

It improves the CPU performance of content inspection

Full Access
Question # 19

Match the WildFire Inline Machine Learning Model to the correct description for that model.

Full Access
Question # 20

A customer is concerned about malicious activity occurring directly on their endpoints and will not be visible to their firewalls.

Which three actions does the Traps agent execute during a security event, beyond ensuring the prevention of this activity? (Choose three.)

A.

Informs WildFire and sends up a signature to the Cloud

B.

Collects forensic information about the event

C.

Communicates the status of the endpoint to the ESM

D.

Notifies the user about the event

E.

Remediates the event by deleting the malicious file

Full Access