An ESM server's SSL certificate needs two Enhanced Key Usage purposes: Client Authentication and ________________
A. Server Authentication
B. File Recovery
C. IP Security User
D. IP Security Tunnel Termination
There are two custom policy rules in ESM Console. Policy rule number 1000 turns ROP off for winword.exe. Policy rule number 1001 turns ROP on for winword.exe What is the ROP module status for winword.exe?
A. Due to the collision in the policy rules, ROP is enabled in notification mode.
B. The lower numbered policy rule takes precedence. ROP is off for winword.exe
C. The higher numbered policy rule takes precedence. ROP is on for winword.exe
D. The default policy rule takes precedence over both policy rules 1000 and 1001 and disables ROP for winword.exe
A customer plans to test the malware prevention capabilities of Traps. It has defined this policy. Local analysis is enabled Quarantining of malicious files is enabled Files are to be uploaded to WildFire
No executables have been whitelisted or blacklisted in the ESM Console Hash Control screen. Malware sample A has a verdict of Malicious in the WildFire service. Malware sample B is unknown to WildFire. Which behavior will result?
A. WildFire will block sample A as known malware; sample B will be blocked as an unknown binary while the file is analyzed by WildFire for a final verdict.
B. Hash Control already knows sample A locally in the endpoint cache and will block it. Sample B will not be blocked by WildFire, but will be blocked by the local analysis engine.
C. WildFire will block sample A as known malware, and sample B will compromise the endpoint because it is new and ESM Server has not obtained the required signatures.
D. WildFire will block sample A as known malware; sample B will not be blocked by WildFire, but will be evaluated by the local analysis engine and will or will not be blocked, based on its verdict, until WildFire analysis determines the final verdict.
An administrator has a critical group of systems running Windows XP SP3 that cannot be upgraded. The
administrator wants to evaluate the ability of Traps to protect these systems and the word processing
applications running on them.
How should an administrator perform this evaluation?
A. Run a known 2015 flash exploit on a Windows XP SP3 VM, and run an exploitation tool that acts as a listener. Use the results to demonstrate Traps capabilities.
B. Run word processing exploits in a Windows 7 VM in a controlled and isolated environment. Document indicators of compromise and compare to Traps protection capabilities.
C. Prepare a Windows 7 VM. Gather information about the word processing applications, determine if some of them are vulnerable, and prepare a working exploit for at least one of them. Execute with an exploitation tool.
D. Gather information about the word processing applications and run them on a Windows XP SP3 VM. Determine if any of the applications are vulnerable and run the exploit with an exploitation tool.
A large manufacturer is planning to roll out Traps to 75,000 endpoints. Their environment consists of three major sites with 24,000 endpoints each, plus about 3,000 remote endpoints in smaller remote locations using always-on VPN connections to a single one of the major sites. The customer wants to minimize network traffic between the major sites, but all endpoints have internet access. The customer is looking for a centrally managed solution with common reporting and management for all endpoints in the environment. Which design option would be appropriate for this environment?
A. Place the Traps database. ESM Console and two ESM core servers in the large site hosting the VPN gateway, and force all endpoints to use VPN at all times.
B. Place the Traps database, ESM Console and seven ESM core servers in a public-cloud environment where the ESM Core servers are accessible from the internet.
C. Place a Traps database, ESM Console and an ESM core server in each of the three large sites.
D. Place the Traps database and ESM Console in one of the major sites, and one ESM core server in each of the three major sites.
Which is the proper order of tasks that an administrator needs to perform to successfully create and install Traps 4.x for macOS agents?
A. Download ClientUpgradePackage_4.x.x.zip from the support portal. Copy ClientUpgradePackage_4.x.x.zip to target endpoint. Unzip and run traps pkg.
B. Download ClientUpgradePackage.zip from the support portal. Create installation package on ESM using .zip file, download installpackage.zip file. Copy installpackage.zip to target endpoint. Unzip and run traps pkg.
C. Download Traps_macOS_4.x.x.zip from the support portal. Copy Traps_macOS_4.x.x.zip to target endpoint. Unzip and run traps pkg.
D. Download Traps_macOS_4.x.x.zip from the support portal. Create installation package on ESM using .zip file, download installpackage.zip file. Copy installpackage.zip to target endpoint. Unzip and run traps pkg.
Which two are valid optional parameters when upgrading Traps agent from the ESM console using Upgrade from path? (Choose two.)
A. Conditions
B. Processes
C. ESM Server
D. Target Objects
E. Features
A customer has an environment with the following: 1,000 agents communicating over SSL with two servers - one containing the ESM Server and another one where the ESM Console is installed BitsUploads resides on the ESM Console server
ESM Server and Console are using the default pods tor communication In a scenario where a file is failing to be uploaded from macOS, which three reasons could be directly related to the failure? (Choose three.)
A. Traps agent is not able to check in with the ESM Server
B. The rate of upload is lower than 100Kb/S
C. The BITS address in the ESM is incorrect
D. Port 2125 is blocked on the server which hosts BitsUploads
E. Port 443 is blocked on the server which hosts BitsUploads
A company wants to implement a new Virtual Desktop Infrastructure (VDI) in which the endpoints are protected with Traps. It must select a VDI platform that is supported by Palo Alto Networks for Traps use. Which two platform are supported? (Choose two.)
A. Citrix XenDesktop
B. VMware Horizon View
C. Listeq
D. Nimboxx
When installing the ESM, what role must the database user be assigned in Microsoft SQL?
A. db_owner
B. db_secuirtyadmin
C. db_datawriter
D. db_accessadmin
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-ENDPOINT exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.