• Home
  • Articles
  • PDF (New 2021) Actual Palo Alto Networks PSE-Strata Exam Questions [Q35-Q60]

PDF (New 2021) Actual Palo Alto Networks PSE-Strata Exam Questions [Q35-Q60]

Share

PDF (New 2021) Actual Palo Alto Networks PSE-Strata Exam Questions

Dumps Moneyack Guarantee - PSE-Strata Dumps UpTo 90% Off

NEW QUESTION 35
Which two types of security chains are supported by the Decryption Broker? (Choose two.)

  • A. Layer 3
  • B. virtual wire
  • C. transparent bridge
  • D. Layer 2

Answer: A,C

Explanation:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/decryption/decryption-broker/decryption-broker-concepts/decryption-broker-security-chains-multiple.html

 

NEW QUESTION 36
How often are the databases for Anti-virus. Application, Threats, and WildFire subscription updated?

  • A. Anti-virus (weekly): Application (daily). Threats (weekly), WildFire (5 minutes)
  • B. Anti-virus (daily), Application (weekly), Threats (weekly), WildFire (5 minutes)
  • C. Anti-virus (weekly), Application (daily), Threats (daily), WildFire (5 minutes)
  • D. Anti-virus (daily), Application (weekly), Threats (daily), WildFire (5 minutes)

Answer: B

Explanation:
Explanation
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/software-and-content-updates/dynamic-content-upd

 

NEW QUESTION 37
The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile information needed to monitor network security The firewall provides which three types of reports? (Choose three.)

  • A. PDF Summary Reports
  • B. Netflow Reports
  • C. Botnet Reports
  • D. SNMP Reports
  • E. User or Group Activity Reports

Answer: B,C,E

 

NEW QUESTION 38
Which task would be identified in Best Practice Assessment tool?

  • A. identify the threats associated with each application
  • B. identify sanctioned and unsanctioned SaaS applications
  • C. identify and provide recommendations for device management access
  • D. identify the visibility and presence of command-and-control sessions

Answer: B

 

NEW QUESTION 39
What are two core values of the Palo Alto Network Security Operating Platform? (Choose two.}

  • A. safe enablement of all applications
  • B. defense against threats with static security solution
  • C. prevention of cyber attacks
  • D. threat remediation

Answer: C,D

 

NEW QUESTION 40
An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer.
The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)

  • A. Improve log collection redundancy
  • B. Control local firewall rules
  • C. Control of post rules
  • D. Ensure management continuity

Answer: A,D

 

NEW QUESTION 41
Which selection must be configured on PAN-OS External Dynamic Lists to support MineMeld indicators?

  • A. Feed Base URL
  • B. Inputs
  • C. Prototype
  • D. Class

Answer: A

 

NEW QUESTION 42
Which functionality is available to firewall users with an active Threat Prevention subscription, but no WildFire license?

  • A. Access to the WildFire API
  • B. 5 minute WildFire updates to threat signatures
  • C. WildFire hybrid deployment
  • D. PE file upload to WildFire

Answer: B

 

NEW QUESTION 43
What action would address the sub-optimal traffic path shown in the figure?
Key:
RN - Remote Network
SC - Service Connection
MU GW - Mobile User Gateway

  • A. Onboard a Service Connection in the Americas region
  • B. Onboard a Remote Network location in the EMEA region
  • C. Remove the Service Connection in the EMEA region
  • D. Onboard a Service Connection in the APAC region

Answer: D

 

NEW QUESTION 44
What can be applied to prevent users from unknowingly downloading malicious file types from the internet?

  • A. An antivirus profile to security policy rules that deny general web access
  • B. A zone protection profile to the untrust zone
  • C. A vulnerability profile to security policy rules that deny general web access
  • D. A file blocking profile to security policy rules that allow general web access

Answer: D

 

NEW QUESTION 45
A client chooses to not block uncategorized websites.
Which two additions should be made to help provide some protection? (Choose two.)

  • A. A security policy rule using only known URL categories with the action set to allow
  • B. A data filtering profile with a custom data pattern to security policy rules that deny uncategorized websites
  • C. A URL filtering profile with the action set to continue for unknown URL categories to security policy rules that allow web access
  • D. A file blocking profile attached to security policy rules that allow uncategorized websites to help reduce the risk of drive by downloads

Answer: A,C

 

NEW QUESTION 46
XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy. Which two features must be enabled to meet the customer's requirements? (Choose two.)

  • A. Virtual systems
  • B. HA active/active
  • C. HA active/passive
  • D. Policy-based forwarding

Answer: B,D

Explanation:
https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/high-availability/route-based-redundancy

 

NEW QUESTION 47
Which two tabs in Panorama can be used to identify templates to define a common base configuration? (Choose two.)

  • A. Objects Tab
  • B. Device Tab
  • C. Policies Tab
  • D. Network Tab

Answer: B,D

 

NEW QUESTION 48
Prisma SaaS provides which two SaaS threat prevention capabilities? (Choose two)

  • A. remote procedural call (RPC) interrogation
  • B. shellcode protection
  • C. file quarantine
  • D. WildFire analysis
  • E. SaaS AppID signatures

Answer: D,E

 

NEW QUESTION 49
Which two products can send logs to the Cortex Data Lake? (Choose two.)

  • A. PA-3260 firewall
  • B. Prisma Access
  • C. AutoFocus
  • D. Prisma Public Cloud

Answer: A,B

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex-data-lake/forward-logs-to-cortex-data-lake

 

NEW QUESTION 50
Which three features are used to prevent abuse of stolen credentials? (Choose three.)

  • A. SSL decryption rules
  • B. WildFire Profiles
  • C. Prisma Access
  • D. multi-factor authentication
  • E. URL Filtering Profiles

Answer: A,B,D

 

NEW QUESTION 51
How frequently do WildFire signatures move into the antivirus database?

  • A. every 1 hour
  • B. every 24 hours
  • C. once a week
  • D. every 12 hours

Answer: B

Explanation:
https://docs.paloaltonetworks.com/wildfire/9-0/wildfire-admin/wildfire-overview/wildfire-concepts/wildfire-signatures

 

NEW QUESTION 52
Which two tabs in Panorama can be used to identify templates to define a common base configuration? (Choose two.)

  • A. Objects Tab
  • B. Device Tab
  • C. Policies Tab
  • D. Network Tab

Answer: B,D

Explanation:
https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/panorama-web-interface/panorama-templates/template-stacks

 

NEW QUESTION 53
Which three considerations should be made prior to installing a decryption policy on the NGFW? (Choose three.)

  • A. Deploy decryption setting all at one time
  • B. Inability to access websites
  • C. Exclude certain types of traffic in decryption policy
  • D. Ensure throughput is not an issue
  • E. Include all traffic types in decryption policy

Answer: B,C,E

 

NEW QUESTION 54
What three Tabs are available in the Detailed Device Health on Panorama for hardware-based firewalls? (Choose three.)

  • A. Interfaces
  • B. Throughput
  • C. Errors
  • D. Status
  • E. Sessions
  • F. Mounts
  • G. Environments

Answer: A,E,G

 

NEW QUESTION 55
Which two components must be configured within User-ID on a new firewall that has been implemented? (Choose two.)

  • A. Group Mapping
  • B. Proxy Authentication
  • C. 802.1X Authentication
  • D. User Mapping

Answer: A,D

 

NEW QUESTION 56
Which three categories are identified as best practices in the Best Practice Assessment tool? (Choose three.)

  • A. measure the adoption of URL filters. App-ID. User-ID
  • B. use of decryption policies
  • C. expose the visibility and presence of command-and-control sessions
  • D. identify sanctioned and unsanctioned SaaS applications
  • E. use of device management access and settings

Answer: A,B,D

 

NEW QUESTION 57
Which four actions can be configured in an Anti-Spyware profile to address command-and-control traffic from compromised hosts? (Choose four.)

  • A. Reset
  • B. Quarantine
  • C. Alert
  • D. Drop
  • E. Allow
  • F. Redirect

Answer: A,B,C,D

Explanation:
https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/anti-spyware-profiles.html

 

NEW QUESTION 58
What can be applied to prevent users from unknowingly downloading malicious file types from the internet?

  • A. An antivirus profile to security policy rules that deny general web access
  • B. A zone protection profile to the untrust zone
  • C. A vulnerability profile to security policy rules that deny general web access
  • D. A file blocking profile to security policy rules that allow general web access

Answer: D

Explanation:
Explanation
https://docs.paloaltonetworks.com/best-practices/8-1/internet-gateway-best-practices/best-practice-internet-gatew

 

NEW QUESTION 59
Which domain permissions are required by the User-ID Agent for WMI Authentication on a Windows Server? (Choose three.)

  • A. Event Log Readers
  • B. Distributed COM Users
  • C. Server Operator
  • D. Enterprise Administrators
  • E. Domain Administrators

Answer: A,C,E

Explanation:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interface-help/user-identification/device-user-identification-user-mapping/user-id-agent-setup/user-id-agent-setup-wmi-authentication

 

NEW QUESTION 60
......

Updated Nov-2021 Pass PSE-Strata Exam - Real Practice Test Questions: https://itcertspass.itcertmagic.com/Palo-Alto-Networks/real-PSE-Strata-exam-prep-dumps.html

Related Articles

more
Palo Alto Networks PSE-Strata Certification Practice Exam