1. Home
  2. Palo Alto Networks
  3. PSE-PRISMACLOUD

PSE Palo Alto Networks System Engineer Professional - Prisma Cloud

Exam Details

  • Exam Code
    :PSE-PRISMACLOUD
  • Exam Name
    :PSE Palo Alto Networks System Engineer Professional - Prisma Cloud
  • Certification
    :PSE-Prisma Cloud Professional
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :60 Q&As
  • Last Updated
    :Apr 29, 2024

Palo Alto Networks PSE-Prisma Cloud Professional PSE-PRISMACLOUD Questions & Answers

  • Question 1:

    Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?

    A. Palo Alto Networks provides full support if a valid support license is in place.

    B. Support for the templates is available through Professional Services from Palo Alto Networks.

    C. Unless otherwise noted, these templates are released under an as-is. best effort support policy.

    D. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.

  • Question 2:

    An administrator has deployed an AWS transit gateway and used multiple VPC spokes to segregate a multi-tier application. The administrator also created a security VPC with multiple VM-Series NGFWs in an active/active deployment model via ECMP using Amazon Web Services VPN-based attachments.

    What must be configured on the firewall to avoid asymmetric routing?

    A. source address translation

    B. destination address translation

    C. port address translation

    D. source and destination address translation

  • Question 3:

    When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)

    A. Group2 / SHA-1 / AES-128-CBC / IKE-V1

    B. Group2 / SHA-1 / AES-128-GCM / IKE-V1

    C. Group14 / SHA-256 / AES-256-GCM / IKE-V1

    D. Group2 / SHA-1 / AES-128-CBC

    E. Group14 / SHA-256 / AES-256-CBC / IKE-V1

  • Question 4:

    Which option is defined by the creation and change of public cloud services managed in a repeatable and predictable fashion?

    A. platform as a service

    B. infrastructure as a service

    C. software as code

    D. infrastructure as code

  • Question 5:

    Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

    A. Excessive login failures

    B. Unusual user activity

    C. Denial-of-service activity

    D. Account hijacking attempts

    E. Suspicious file activity

  • Question 6:

    Which two statements are true about CloudFormation? (Choose two.)

    A. CloudFormation is a procedural configuration management tool.

    B. CloudFormation templates can be used on both Amazon Web Services and Microsoft Azure

    C. CloudFormation templates can be written in JSON or YAML

    D. CloudFormation is a declarative orchestration tool.

  • Question 7:

    Which RQL string monitors all traffic from the Internet and Suspicious IPs destined for your Amazon Web Services databases?

    A. network where source.publicnetwork IN ('Suspicious IPs') and dest.resource IN (resource where role IN ('AWS RDS', 'Database'))

    B. network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('LDAP'))

    C. network where dest.resource IN (resource where role = 'Database'}

    D. network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest resource IN (resource where role IN ('AWS RDS'. 'Database'))

  • Question 8:

    How can you modify a range of dates default policy in Prisma Public Cloud?

    A. Override the value and commit the configuration.

    B. Clone the existing policy and change the value.

    C. Manually create the RQL statement.

    D. Click the Gear icon next to the policy name to open the Edit Policy dialog

  • Question 9:

    What is required for an EC2 instance to access the internet directly from an AWS VPC?

    A. Internet Gateway

    B. Transit Gateway

    C. Virtual Private Gateway

    D. Customer Gateway

  • Question 10:

    What resource is required to receive inbound traffic from the internet to VM-Series NGFW deployed as a gateway for Azure Stack workloads?

    A. Public IP for the VM-Series NGFW

    B. NAT appliance

    C. Azure Stack Edge Router

    D. Border Customer Network

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-PRISMACLOUD exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.