PSE-STRATA-ASSOCIATE Online Practice Questions and Answers
Which two of the following are benefits of the Palo AltoNetworks Zero Trust architecture? (Choose two.)
Select 2 Correct Responses
A. tighter access control
B. increased detection of threats and infiltration
C. more network segments
D. cloud-based virtual private network (VPN)
An administrator wants to deploy a pair of firewalls in an active/active high availability (HA) architecture.
Which two deployment types are supported in this circumstance? (Choose two.) Select 2 Correct Responses
A. Layer 3
B. TAP mode
C. Virtual Wire
D. Layer 2
Which architecture is unique to Palo Alto Networks and results in no additional performance overhead when enabling additional features?
A. multi-pass
B. multiple-core threaded
C. single-pass
D. no-pass
When deploying an Eval Next-Generation Firewall (NGFW) within a customer environment for the purpose of generating a Security Lifecycle Review (SLR) report, creation of which interface will not impact production traffic?
A. Layer 3 interface
B. SLR interface
C. virtual wire interface
D. TAP interface
In which two of the following scenarios is personal data excluded fromprotection under the General Data Protection Regulation (GDPR)?
Select 2 Correct Responses
A. The data was automated as part of an information filing system.
B. The data was generated in the course of a purely personal or household activity.
C. The data will be used for the prevention of criminal offenses.
D. The data is related to a person's economic or cultural identity.
A Human Resources (HR) application has the URL of https://hr.company.com:4433/.
How should the "Service" column of the Security policy be set to match and permit this application?
A. Define and then select a new custom Transmission Control Protocol (TCP) service with port 4433.
B. Edit "service-https" to use port 4433.
C. Set to "service-http".
D. Set to "application-defaults," which will locate and match the HR application.
Which subscription should be activated when a predefined, known malicious IP address is updated?
A. WildFire
B. Cortex Data Lake
C. Threat Prevention
D. URL Filtering
Using a comprehensive range of natively-integratedsubscriptions and inline machine learning (ML), what does a Next-Generation Firewall (NGFW) use to prevent known and unknown threats in real time?
A. Cloud Delivered Security Services (CDSS)
B. Cloud Security Posture Management (CSPM)
C. Cloud NativeSecurity Platform (CNSP)
D. Cloud Identity Access Management (CIAM)
A customer has enabled the Threat Prevention subscription on their Palo Alto Networks Next-Generation Firewall.
How will the performance of the firewall beaffected if the customer also enables both WildFire and User-ID?
A. The maximum throughput performance will be reduced, but the impact will vary based on the firewall model being used.
B. Enabling User-ID will have no additional performance impact, but enabling WildFire will reduce throughput.
C. There will be no additional performance impact to the firewall, and throughput will remain the same, regardless of firewall model.
D. Enabling WildFire will have no additional performance impact, but enabling User-ID will reduce throughput.
Which three of the following arefeatures of the Palo Alto Networks Next-Generation Firewall (NGFW) that differentiate it from a stateful inspection firewall? (Choose three.)
Select 3 Correct Responses
A. Login-ID
B. User-ID
C. App-ID
D. Network-ID
E. SSL/SSH Decrypt
The ability of a Next-Generation Firewall (NGFW) to logically group physical and virtual interfaces and then control traffic based on that grouping is known aswhat?
A. LLDP profiles
B. security zones
C. DHCP groups
D. security profile groups
What file is needed from a firewall to generate a Security Lifecycle Review (SLR) report when creating the SLR?
A. tech support file
B. Panorama plugin registration file
C. stats dump file
D. system process core file
Which deployment method is used to integrate a firewall to be inline in an existing network but does not support additional routing or switching?
A. virtual wire
B. TAP mode
C. Layer 3
D. Layer 2
Which Next-Generation Firewall (NGFW) deployment model allows an organization to monitor trafficduring evaluations without interruption to network traffic?
A. Layer 2
B. TAP mode
C. virtual wire
D. Layer 3
Which Palo Alto Networks product offers a centrally managed firewall update process?
A. SD_WAN
B. Prisma SaaS
C. Panorama
D. WildFire
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
• 6000+ PDF and VCE exam dumps
• 6000+ Free demo downloads available
• 50+ Preparation Labs
• 20+ Representatives Providing 24/7 Support
Copyright © 2004-2024 certbus.com, All Rights Reserved.