Labour Day Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > Paloalto Networks > Strata Associate > PSE-Strata-Associate

PSE-Strata-Associate Palo Alto Networks Systems Engineer (PSE) - Strata Associate Question and Answers

Question # 4

Which two Cloud-Delivered Security Services (CDSS) would be appropriate for an organization that wants to secure internet traffic on a perimeter firewall? (Choose two.)

Select 2 Correct Responses

A.

WildFire

B.

Advanced URL Filtering (AURLF)

C.

Autonomous Digital Experience Management (ADEM)

D.

SD-WAN

Full Access
Question # 5

Which architecture allows a Palo Alto Networks Next-Generation Firewall (NGFW) to achieve high performance with all security features enabled?

A.

single-pass parallel processing

B.

dual-pass processing

C.

multi-core processing

D.

parallel-pass single processing

Full Access
Question # 6

Which two of the following are benefits of the Palo Alto Networks Zero Trust architecture? (Choose two.)

Select 2 Correct Responses

A.

tighter access control

B.

increased detection of threats and infiltration

C.

more network segments

D.

cloud-based virtual private network (VPN)

Full Access
Question # 7

How does Cloud Identity Engine (CIE) simplify deployment of cloudbased services to provide user authentication?

A.

It allows configuration of an authentication source once instead of for each authentication method.

B.

It expands the capability to filter and forward decrypted and non-decrypted Transport Layer Security (TLS) traffic.

C.

It ensures that a compromised master key does not compromise the configuration encryption for an entire deployment.

D.

It authenticates users via a cloud-based service and refers to the hub for mappings for group identification.

Full Access
Question # 8

Which subscription should be activated when a predefined, known malicious IP address is updated?

A.

WildFire

B.

Cortex Data Lake

C.

Threat Prevention

D.

URL Filtering

Full Access
Question # 9

To use App-ID effectively in Security policies, which three best practices should be followed? (Choose three.)

Select 3 Correct Responses

A.

Use Expedition to migrate a port-based policy to PAN-OS.

B.

Whenever possible, enable App-ID override.

C.

Use phased transition to safely enable applications.

D.

Use Policy Optimizer to migrate to an application-based policy.

E.

After the application is specified in policy, set the 7 service to "any".

Full Access
Question # 10

A customer interested in Panorama is concerned about managing multiple firewalls they are putting in place globally. Each location has its own IP addresses, zones, and VPN configurations.

Which element of Panorama will assist the customer in pushing this unique configuration information to the individual firewalls?

A.

device profile

B.

GlobalProtect

C.

templates

D.

device groups

Full Access
Copyright myexamcollection.com. All Right Reserved.