Palo Alto Networks PSE-Endpoint Exam Practice Test Instant Access

Question 1

In a scenario that macOS Traps logs failed to be uploaded to the forensic folder, where will the user on the macOS host be able to find to collected logs?

A/ProgramData/Cyvera/Logs

B/ProgramData/Cyvera/Everyone/Temp

C/Library/Application Support/Cyvera/BITS Uploads/

D/Library/Application Support/PaloAltoNetworks/Traps/Upload/

Answer : D

Question 2

An administrator is testing an exploit that is expected to be blocked by the JIT Mitigation EPM protecting the viewer application in use. No prevention occurs, and the attack is successful.

In which two ways can the administrator determine the reason for the missed prevention? (Choose two.)

ACheck in the HKLM\SYSTEM\Cyvera\Policy registry key and subkeys whether JIT Mitigation is enabled for this application

BCheck if a Just-In-Time debugger is installed on the system

CCheck that the Traps libraries are injected into the application

DCheck that all JIT Mitigation functions are enabled in the HKLM\SYSTEM\Cyvera\Policy\Organization\Process\Default registry key

Answer : A, C

Question 3

Which MSI command line parameters will successfully install a Traps agent using SSL and pointed to server ESM?

Amsiexec /i c:\traps.msi /qn TRAPS_SERVER=ESM USE_SSL_PRIMARY=1

Bmsiexec /i c:\traps.msi /qn CYVERA_SERVER=ESM USE_SSL_PRIMARY=1

Cmsiexec /i c:\traps.msi /qn ESM_SERVER=ESM USE_SSL_PRIMARY=1

Dmsiexec /x c:\traps.msi /qn SERVER=ESM USE_SSL_PRIMARY=1

Answer : B

Question 4

An administrator has installed Traps 4.0. The administrator wants to test the malware protections provided. What sample should they use to test the protections provided by Traps?

AA sample with a low number of hits in Virus Total

BA toolbar package known to be flagged as grayware by Traps

CA sample known to generate false positives in the production environment

DAn MS Office document which contains a ransomware macro

Answer : D

Question 5

When installing the ESM, what role must the database user be assigned in Microsoft SQL?

Adb_owner

Bdb_secuirtyadmin

Cdb_datawriter

Ddb_accessadmin

Answer : A

Question 6

To ensure that the Traps VDI tool can obtain verdicts for all unknown files what are the things that needs to be checked? Assuming ESM Console and ESM Server are on different servers. (Choose two.)

AESM Server can access WildFire Server

BEndpoint can access WildFire Server

CESM Console can access WildFire Server

DEndpoint can access ESM Server

Answer : A, D

Question 7

From the ESM console, which two ways can an administrator verify that their installed macOS agents are functional? (Choose two.)

AClick the Settings Tab > Agent > Installation Package to view the agents installed.

BClick the Dashboard Tab, and refer to the Computer Distribution and Version window

CClick the Monitor Tab > Agent > Health. Sort by OS and look for the macOS endpoints

DClick the Monitor Tab > Data Retrieval

Answer : A, C

Palo Alto Networks PSE Endpoint Professional Exam Practice Test