PSE-ENDPOINT Exam Details

  • Exam Code
    :PSE-ENDPOINT
  • Exam Name
    :Palo Alto Networks System Engineer Professional - Endpoint
  • Certification
    :Palo Alto Networks Certifications
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :45 Q&As
  • Last Updated
    :Mar 21, 2026

Palo Alto Networks PSE-ENDPOINT Online Questions & Answers

  • Question 11:

    A company is using a Web Gateway/Proxy for all outbound connections. The company has deployed Traps within the domain and in testing, discovered that the ESM Servers are unable to communicate with WildFire. All other Traps features are working.

    What is the most likely cause of the issue?

    A. The administrator needs to configure WildFire proxy settings in each Agent Console.
    B. The administrator needs to configure WildFire proxy settings in the ESM Console and in each Agent Console.
    C. The Administrator needs to purchase the additional site license required for WildFire.
    D. The Administrator needs to configure WildFire proxy settings in the ESM Console.

  • Question 12:

    Uploads to the ESM Sever are failing.

    How can the mechanism for forensic and WildFire uploads be tested from the endpoint?

    A. Use BITS commands in PowerShell to send a file to the ESM Server
    B. Use curl to execute a POST operation
    C. Use SCP commands from a ssh client to transfer a file to the ESM Server
    D. Click Check-in now in the agent console

  • Question 13:

    An administrator has decided to test Traps functionality using malware samples in an isolated non-production environment. In order to effectively test Traps, what three types of samples should the administrator avoid? (Choose three.)

    A. A sample with a low number of hits in Virus Total.
    B. An MS Office document which contains a ransomware macro.
    C. A sample known to be flagged as grayware by Traps.
    D. A freeware video application which spawns malicious processes.
    E. A sample known to generate false positives in the production environment.

  • Question 14:

    When installing the ESM, what role must the database user be assigned in Microsoft SQL?

    A. db_owner
    B. db_secuirtyadmin
    C. db_datawriter
    D. db_accessadmin

  • Question 15:

    An administrator is concerned about rogue installs of Internet Explorer. Which policy can be created to assure that Internet Explorer can only run from the \Program Files \Internet Explorer \directory?

    A. An execution path policy to blacklist iexplore.exe, and whitelist entry for %programfiles%\iexplore.exe
    B. An execution path policy to blacklist *\iexplore.exe. Trusted signers will allow the default iexplore.exe
    C. A whitelist of *\iexplore.exe with an execution path restriction, and a blackfirst of %system%\iexplore.exe
    D. An execution path policy to blacklist *\iexplore.exe, and a whitelist entry for %programfiles%\Internet Explorer\iexplore.exe

  • Question 16:

    During installation of the ESM and the agent, SSL was enabled on an endpoint. However, the agent communication is failing. The services.log on the endpoint has the following

    error.

    *An error occurred while making the HTTP request to https: //hostname:2125/CyveraServer/. This could be due to the fact that the server certificate is not configured property with HTTP SYS in the HTTPS case. This could also be caused by a

    mismatch of the security binding between the client and the server."

    Which certificate can be imported on the endpoint to solve this issue? Assume the hostname is a valid FQDN and the ESM Server and Console have different certificates.

    A. ESM Server Public Certificate
    B. ESM Server Serf-Signed Certificate
    C. ESM Console Self-Signed Certificate
    D. ESM Console Public Certificate

  • Question 17:

    To ensure that the Traps VDI tool can obtain verdicts for all unknown files what are the things that needs to be checked? Assuming ESM Console and ESM Server are on different servers. (Choose two.)

    A. ESM Server can access WildFire Server
    B. Endpoint can access WildFire Server
    C. ESM Console can access WildFire Server
    D. Endpoint can access ESM Server

  • Question 18:

    In a scenario that macOS Traps logs failed to be uploaded to the forensic folder, where will the user on the macOS host be able to find to collected logs?

    A. /ProgramData/Cyvera/Logs
    B. /ProgramData/Cyvera/Everyone/Temp
    C. /Library/Application Support/Cyvera/BITS Uploads/
    D. /Library/Application Support/PaloAltoNetworks/Traps/Upload/

  • Question 19:

    Which is the proper order of tasks that an administrator needs to perform to successfully create and install Traps 4.x for macOS agents?

    A. Download ClientUpgradePackage_4.x.x.zip from the support portal. Copy ClientUpgradePackage_4.x.x.zip to target endpoint. Unzip and run traps pkg.
    B. Download ClientUpgradePackage.zip from the support portal. Create installation package on ESM using .zip file, download installpackage.zip file. Copy installpackage.zip to target endpoint. Unzip and run traps pkg.
    C. Download Traps_macOS_4.x.x.zip from the support portal. Copy Traps_macOS_4.x.x.zip to target endpoint. Unzip and run traps pkg.
    D. Download Traps_macOS_4.x.x.zip from the support portal. Create installation package on ESM using .zip file, download installpackage.zip file. Copy installpackage.zip to target endpoint. Unzip and run traps pkg.

  • Question 20:

    An administrator receives an alert indicating the ESM service is not starting on the ESM Server. When the administrator tries to start the service manually, the administrator receives an error. "The Endpoint Security Manager service on Local

    Computer started and then stopped."

    What is the cause of the failure?

    A. The Account assigned to the service does not have "Log on as a batch job" permissions on the machine.
    B. The Account assigned to the service does not have "Log on as a service" permissions on the machine.
    C. The Account assigned to the service is not the Local Administrator on the machine.
    D. The Account assigned to the service is not an Active Directory Domain user.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-ENDPOINT exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.