Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

PSE-Strata-Pro-24 Exam Dumps - Palo Alto Networks Systems Engineer Professional - Hardware Firewall

Go to page:
Question # 9

In which two locations can a Best Practice Assessment (BPA) report be generated for review by a customer? (Choose two.)

A.

PANW Partner Portal

B.

Customer Support Portal

C.

AIOps

D.

Strata Cloud Manager (SCM)

Full Access
Question # 10

There are no Advanced Threat Prevention log events in a company's SIEM instance. However, the systems administrator has confirmed that the Advanced Threat Prevention subscription is licensed and that threat events are visible in the threat logs on the firewall.

Which action should the systems administrator take next?

A.

Enable the company's Threat Prevention license.

B.

Check with the SIEM vendor to verify that Advanced Threat Prevention logs are reaching the company's SIEM instance.

C.

Have the SIEM vendor troubleshoot its software.

D.

Ensure the Security policy rules that use Advanced Threat Prevention are set for log forwarding to the correct SIEM.

Full Access
Question # 11

A systems engineer should create a profile that blocks which category to protect a customer from ransomware URLs by using Advanced URL Filtering?

A.

Ransomware

B.

High Risk

C.

Scanning Activity

D.

Command and Control

Full Access
Question # 12

What is used to stop a DNS-based threat?

A.

DNS proxy

B.

Buffer overflow protection

C.

DNS tunneling

D.

DNS sinkholing

Full Access
Question # 13

Regarding APIs, a customer RFP states: "The vendor’s firewall solution must provide an API with an enforcement mechanism to deactivate API keys after two hours." How should the response address this clause?

A.

Yes - This is the default setting for API keys.

B.

No - The PAN-OS XML API does not support keys.

C.

No - The API keys can be made, but there is no method to deactivate them based on time.

D.

Yes - The default setting must be changed from no limit to 120 minutes.

Full Access
Question # 14

A systems engineer (SE) is working with a customer that is fully cloud-deployed for all applications. The customer is interested in Palo Alto Networks NGFWs but describes the following challenges:

"Our apps are in AWS and Azure, with whom we have contracts and minimum-revenue guarantees. We would use the built-in firewall on the cloud service providers (CSPs), but the need for centralized policy management to reduce human error is more important."

Which recommendations should the SE make?

A.

Cloud NGFWs at both CSPs; provide the customer a license for a Panorama virtual appliance from their CSP's marketplace of choice to centrally manage the systems.

B.

Cloud NGFWs in AWS and VM-Series firewall in Azure; the customer selects a PAYG licensing Panorama deployment in their CSP of choice.

C.

VM-Series firewalls in both CSPs; manually built Panorama in the CSP of choice on a host of either type: Palo Alto Networks provides a license.

D.

VM-Series firewall and CN-Series firewall in both CSPs; provide the customer a private-offer Panorama virtual appliance from their CSP’s marketplace of choice to centrally manage the systems.

Full Access
Question # 15

Which two statements clarify the functionality and purchase options for Palo Alto Networks AIOps for NGFW? (Choose two.)

A.

It is offered in two license tiers: a commercial edition and an enterprise edition.

B.

It is offered in two license tiers: a free version and a premium version.

C.

It uses telemetry data to forecast, preempt, or identify issues, and it uses machine learning (ML) to adjust and enhance the process.

D.

It forwards log data to Advanced WildFire to anticipate, prevent, or identify issues, and it uses machine learning (ML) to refine and adapt to the process.

Full Access
Question # 16

Which two compliance frameworks are included with the Premium version of Strata Cloud Manager (SCM)? (Choose two)

A.

Payment Card Industry (PCI)

B.

National Institute of Standards and Technology (NIST)

C.

Center for Internet Security (CIS)

D.

Health Insurance Portability and Accountability Act (HIPAA)

Full Access
Go to page: