1. Home
  2. Palo Alto Networks
  3. PSE-STRATA-ASSOCIATE

Palo Alto Networks Systems Engineer (PSE) - Strata Associate

Exam Details

  • Exam Code
    :PSE-STRATA-ASSOCIATE
  • Exam Name
    :Palo Alto Networks Systems Engineer (PSE) - Strata Associate
  • Certification
    :Strata Associate
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :35 Q&As
  • Last Updated
    :

Palo Alto Networks Strata Associate PSE-STRATA-ASSOCIATE Questions & Answers

  • Question 11:

    Which path will generate a stats dump file on a Palo Alto Networks Next-Generation Firewall (NGFW)?

    A. Device > Support > Generate Statsdump

    B. Device > Statsdump > Generate Statsdump

    C. Device > SLR > Generate Statsdump

    D. Device > Files > Generate Statsdump

  • Question 12:

    Which of the following statements applies to enabling App-ID on a Next-Generation Firewall (NGFW)?

    A. No additional purchase is required, but App-ID must be enabled for the customer to use it.

    B. An App-ID subscription must be purchased and enabled.

    C. No configuration is required, because App-ID is always enabled by default.

    D. A Threat Protection license must be purchased and enabled.

  • Question 13:

    A customer has enabled the Threat Prevention subscription on their Palo Alto Networks Next-Generation Firewall.

    How will the performance of the firewall beaffected if the customer also enables both WildFire and User-ID?

    A. The maximum throughput performance will be reduced, but the impact will vary based on the firewall model being used.

    B. Enabling User-ID will have no additional performance impact, but enabling WildFire will reduce throughput.

    C. There will be no additional performance impact to the firewall, and throughput will remain the same, regardless of firewall model.

    D. Enabling WildFire will have no additional performance impact, but enabling User-ID will reduce throughput.

  • Question 14:

    Which subscription should be activated when a predefined, known malicious IP address is updated?

    A. WildFire

    B. Cortex Data Lake

    C. Threat Prevention

    D. URL Filtering

  • Question 15:

    Using a comprehensive range of natively-integratedsubscriptions and inline machine learning (ML), what does a Next-Generation Firewall (NGFW) use to prevent known and unknown threats in real time?

    A. Cloud Delivered Security Services (CDSS)

    B. Cloud Security Posture Management (CSPM)

    C. Cloud NativeSecurity Platform (CNSP)

    D. Cloud Identity Access Management (CIAM)

  • Question 16:

    To use App-ID effectively in Security policies, which three best practices should be followed? (Choose three.)

    Select 3 Correct Responses

    A. Use Expedition to migrate aport-based policy to PAN-OS.

    B. Whenever possible, enable App-ID override.

    C. Use phased transition to safely enable applications.

    D. Use Policy Optimizer to migrate to an application-based policy.

    E. After the application is specified in policy, set the 7service to "any".

  • Question 17:

    A Human Resources (HR) application has the URL of https://hr.company.com:4433/.

    How should the "Service" column of the Security policy be set to match and permit this application?

    A. Define and then select a new custom Transmission Control Protocol (TCP) service with port 4433.

    B. Edit "service-https" to use port 4433.

    C. Set to "service-http".

    D. Set to "application-defaults," which will locate and match the HR application.

  • Question 18:

    In which two of the following scenarios is personal data excluded fromprotection under the General Data Protection Regulation (GDPR)?

    Select 2 Correct Responses

    A. The data was automated as part of an information filing system.

    B. The data was generated in the course of a purely personal or household activity.

    C. The data will be used for the prevention of criminal offenses.

    D. The data is related to a person's economic or cultural identity.

  • Question 19:

    What is a technical benefit of User-ID in relation to policy control?

    A. It matches traffic against policy to check whether it is allowed on the network.

    B. It allows all users to designate view-only access to itinerant personnel.

    C. It improves safe enablement of applications traversing the network.

    D. It encrypts all private keys and passwords in the configuration.

  • Question 20:

    A customer interested in Panorama is concerned about managing multiple firewalls they are putting in place globally. Each location has its own IP addresses,zones, and VPN configurations.

    Which element of Panorama will assist the customer in pushing this unique configuration information to the individual firewalls?

    A. device profile

    B. GlobalProtect

    C. templates

    D. device groups

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-STRATA-ASSOCIATE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.