• Home
  • Articles
  • [UPDATED 2023] Palo Alto Networks PSE-Strata Questions Prepare with Free Demo of PDF [Q34-Q51]

[UPDATED 2023] Palo Alto Networks PSE-Strata Questions Prepare with Free Demo of PDF [Q34-Q51]

Share

[UPDATED 2023] Palo Alto Networks PSE-Strata Questions Prepare with Free Demo of PDF

NEW 2023 Certification Sample Questions PSE-Strata Dumps & Practice Exam

NEW QUESTION 34
A customer worried about unknown attacks is hesitant to enable SSL decryption due to privacy and regulatory issues. How does the platform address the customer's concern?

  • A. It overcomes reservations about SSL decrypt by offloading to a higher-capacity firewall to help with the decrypt throughput
  • B. It allows a list of websites or URL categories to be defined for exclusion from decryption
  • C. It shows how AutoFocus can provide visibility into targeted attacks at the industry sector
  • D. It bypasses the need to decrypt SSL traffic by analyzing the file while still encrypted

Answer: B

 

NEW QUESTION 35
Which three methods used to map users to IP addresses are supported in Palo Alto Networks firewalls? (Choose three.)

  • A. Active Directory monitoring
  • B. TACACS
  • C. eDirectory monitoring
  • D. RADIUS
  • E. SNMP server
  • F. Client Probing
  • G. Lotus Domino

Answer: B,D,F

Explanation:
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/user-id/user-id-concepts/user-mapping

 

NEW QUESTION 36
Which profile or policy should be applied to protect against port scans from the internet?

  • A. Security profiles to security policy rules for traffic sourcing from the untrust zone
  • B. Interface management profile on the zone of the ingress interface
  • C. An App-ID security policy rule to block traffic sourcing from the untrust zone
  • D. Zone protection profile on the zone of the ingress interface

Answer: D

Explanation:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interface-help/network/network- network-profiles-zone-protection/reconnaissance-protection.html

 

NEW QUESTION 37
Which three steps in the cyberattack lifecycle does Palo Alto Networks Security Operating Platform prevent? (Choose three.)

  • A. lateral movement
  • B. weaponize vulnerabilities
  • C. deliver the malware
  • D. exfiltrate data
  • E. recon the target

Answer: A,C,D

Explanation:
https://www.exclusive-networks.com/ch-fr/praevention-cyber-attack-lifecycle-palo-alto/

 

NEW QUESTION 38
Which are the three mandatory components needed to run Cortex XDR? (Choose three.)

  • A. Directory Syn Service
  • B. Panorama
  • C. NGFW with PANOS 8 0.5 or later
  • D. Traps
  • E. Pathfinder
  • F. Cortex Data Lake

Answer: A,C,F

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/cortex-xdr-prevent-overview/cortex-xdr-prevent-architecture

 

NEW QUESTION 39
Which three activities can the botnet report track? (Choose three.)

  • A. Using dynamic DNS domain providers
  • B. Launching a P2P application
  • C. Initiating API calls to other applications
  • D. Accessing domains registered in the last 30 days
  • E. Visiting a malicious URL
  • F. Detecting malware within a one-hour period

Answer: A,B,D

Explanation:
https://media.paloaltonetworks.com/documents/Controlling-Botnets.pdf

 

NEW QUESTION 40
Which profile or policy should be applied to protect against port scans from the internet?

  • A. Security profiles to security policy rules for traffic sourcing from the untrust zone
  • B. Interface management profile on the zone of the ingress interface
  • C. An App-ID security policy rule to block traffic sourcing from the untrust zone
  • D. Zone protection profile on the zone of the ingress interface

Answer: D

 

NEW QUESTION 41
An endpoint, inside an organization, is infected with known malware. The malware attempts to make a command and control connection to a C&C server via the destination IP address.
Which mechanism prevent this connection from succeeding?

  • A. DNS Sinkholing
  • B. DNS Proxy
  • C. Wildfire Analysis
  • D. Anti-Spyware Signatures

Answer: A

 

NEW QUESTION 42
Which are the three mandatory components needed to run Cortex XDR? (Choose three.)

  • A. Directory Syn Service
  • B. Panorama
  • C. NGFW with PANOS 8 0.5 or later
  • D. Traps
  • E. Pathfinder
  • F. Cortex Data Lake

Answer: A,C,F

 

NEW QUESTION 43
What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?

  • A. Run a Perl script to regularly check for updates and alert when one in released
  • B. Monitor update announcements and manually push updates to firewalls
  • C. Utilize dynamic updates with an aggressive update schedule
  • D. Store updates on an intermediary server and point all the firewalls to it

Answer: B

 

NEW QUESTION 44
Which three script types can be analyzed in WildFire? (Choose three.)

  • A. JScript
  • B. VBScript
  • C. PythonScript
  • D. MonoScript
  • E. PowerShell Script

Answer: A,B,C

Explanation:
https://docs.paloaltonetworks.com/wildfire/u-v/wildfire-whats-new/wildfire-features-in-panos-
90/wildfire-appliance-script-support.html

 

NEW QUESTION 45
What is the key benefit of Palo Alto Networks Single Pass Parallel Processing design?

  • A. Only one processor is needed to complete all the functions within the box
  • B. There are no benefits other than slight performance upgrades
  • C. It allows Palo Alto Networks to add new functions to existing hardware
  • D. It allows Palo Alto Networks to add new devices to existing hardware

Answer: A

 

NEW QUESTION 46
Which two products can send logs to the Cortex Data Lake? (Choose two.)

  • A. Prisma Public Cloud
  • B. PA-3260 firewall
  • C. Prisma Access
  • D. AutoFocus

Answer: B,C

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex-data-lake/forward-logs-to-cortex-data-lake

 

NEW QUESTION 47
As you prepare to scan your Amazon S3 account, what enables Prisma service permission to access Amazon S3?

  • A. AWS account ID
  • B. secret access key
  • C. administrative Password
  • D. access key ID

Answer: D

 

NEW QUESTION 48
How often are the databases for Anti-virus. Application, Threats, and WildFire subscription updated?

  • A. Anti-virus (weekly), Application (daily), Threats (daily), WildFire (5 minutes)
  • B. Anti-virus (weekly): Application (daily). Threats (weekly), WildFire (5 minutes)
  • C. Anti-virus (daily), Application (weekly), Threats (weekly), WildFire (5 minutes)
  • D. Anti-virus (daily), Application (weekly), Threats (daily), WildFire (5 minutes)

Answer: C

Explanation:
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/software-and-content-updates/dynamic-content-updates.html

 

NEW QUESTION 49
WildFire subscription supports analysis of which three types? (Choose three.)

  • A. Flash
  • B. GIF
  • C. RPM
  • D. DMG
  • E. 7-Zip
  • F. ISO

Answer: A,E,F

Explanation:
https://www.niap-ccevs.org/MMO/Product/st_vid11032-agd1.pdf

 

NEW QUESTION 50
Which three components are specific to the Query Builder found in the Custom Report creation dialog of the firewall? (Choose three.)

  • A. Recipient
  • B. Connector
  • C. Database
  • D. Attribute
  • E. Operator
  • F. Schedule

Answer: B,D,E

Explanation:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/monitoring/view-and-manage- reports/generate-custom-reports

 

NEW QUESTION 51
......

PSE-Strata Deluxe Study Guide with Online Test Engine: https://certificationsdesk.examslabs.com/Palo-Alto-Networks/Palo-Alto-Networks-Systems-Engineer/best-PSE-Strata-exam-dumps.html

Related Articles

more
Palo Alto Networks PSE-Strata Certification Practice Exam