How many recursion levels are supported for compressed files in PAN-OS 8.0?
A. 2
B. 5
C. 4
D. 3
What is the HA limitation specific to the PA-200 appliance?
A. Can be deployed in either an active/passive or active/active HA pair
B. Can only synchronize configurations and does not support session synchronization
C. Has a dedicated HA1 and HA2 ports, but no HA3
D. Is the only Palo Alto Networks firewall that does not have any HA capabilities
A customer is concerned about malicious activity occurring directly on their endpoints and not visible to their firewalls.
Which three actions does Traps execute during a security event beyond ensuring the prevention of this activity? (Choose three.)
A. Informs WildFire and sends up a signature to the Cloud
B. Collects forensic information about the event
C. Communicates the status of the endpoint to the ESM
D. Notifies the user about the event
E. Remediates the event by deleting the malicious file
What are the two group options for database when creating a custom report? (Choose two)
A. Oracle
B. SQL
C. Detailed Logs
D. Summary Databases
An SE is preparing an SLR report for a school and wants to emphasize URL filtering capabilities because the school is concerned that its students are accessing inappropriate websites. The URL categories being chosen by default in the report are not highlighting these types of websites.
How should the SE show the customer the firewall can detect that these websites are being accessed?
A. Remove unwanted categories listed under "High Risk" and use relevant information
B. Create a footnote within the SLR generation tool
C. Edit the Key-Findings text to list the other types of categories that may be of interest
D. Produce the report and edit the PDF manually
A customer is targeted by a true zero-day, targeted attack. However, the customer is protected by the Palo Alto Networks security platform. The attack leverages a previously unknown vulnerability in IE but utilizes existing hacking techniques on the endpoint. It is transported over standard HTTP traffic and conforms to the HTML standards. It then attempts to download from a website, compromised specifically for this attack, a custom piece of malware to run on the endpoints.
Which element of the platform will stop this attack?
A. App-ID
B. PAN-DB
C. Traps
D. WildFire
DNS sinkholing helps identify infected hosts on the protected network using DNS traffic in situations where the firewall cannot see the infected client's DNS query (that is, the firewall cannot see the originator of DNS query)
Which of the following Statements is true?
A. DNS Sinkholing requires the Vulnerability Protection Profile be enabled.
B. Sinkholing malware DNS queries solves this visibilty problem by forging responses to the client host queries directed at fake domains created in a controlled "Fake Internet" called Zanadu which designed for testing and honeypots.
C. Infected hosts can then be easily identified in the traffic logs because any host that attempts to connect the sinkhole IP address are most likely infected with malware.
D. DNS Sinkholing requires a license SinkHole license in order to activate.
How do Highly Suspicious artifacts in-AutoFocus help identify when an unknown, potential zero-day, targeted attack occur to allow one to adjust the security posture?
A. Highly Suspicious artifacts are associated with High-Risk payloads that are inflicting massive amounts of damage to end customers.
B. All High Risk artifacts are automatically classified as Highly Suspicious.
C. Highly Suspicious artifacts are High Risk artifacts that have been seen in very few samples.
D. Highly Suspicious artifacts have been seen infecting a broad, significant range of companies.
A specific URL keeps appearing in URL filtering log entries, it was blocked successfully, but the administrator would like to investigate further.
In which two ways would AutoFocus help this administrator? (Choose two.)
A. Generate a list of IP addresses for use in Dynamic Address Groups on the firewall
B. Identify malicious files associated with this URL
C. Generate a correlation object that can be used to monitor associated activities
D. Identify malware campaigns associated with this URL
Which Palo Alto Networks security platform component should an administrator use to extend policies to remote users are not connecting to the internet from behind a firewall?
A. Threat Intelligence Cloud
B. Traps
C. GlobalProtect
D. Aperture
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-PLATFORM exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.