Palo Alto Networks PSE-Strata Exam Practice Test Instant Access

Question 1

Which built-in feature of PAN-OS allows the NGFW administrator to create a policy that provides autoremediation for anomalous user behavior and malicious activity while maintaining user visibility?

ADynamic user groups (DUGS)

Btagging groups

Cremote device User-ID groups

Ddynamic address groups (DAGs)

Answer : A

Question 2

What are three key benefits of the Palo Alto Networks platform approach to security? (Choose three)

Aoperational efficiencies due to reduction in manual incident review and decrease in mean time to resolution (MTTR)

Bimproved revenue due to more efficient network traffic throughput

CIncreased security due to scalable cloud delivered security Services (CDSS)

DCost savings due to reduction in IT management effort and device

Answer : B, C, D

Question 3

A customer requires an analytics tool with the following attributes:

- Uses the logs on the firewall to detect actionable events on the network

- Automatically processes a series of related threat events that, when combines, indicate a likely comprised host on the network

- Pinpoints the area of risk and allows for assessment of the risk to action can be taken to prevent exploitation of network resources

Which feature of PAN-OS will address these requirements?

AWildFire with application program interface (API) calls for automation

BThird-party security information and event management (SIEM) which can ingest next-generation firewall (NGFW) logs

CAutomated correlation engine (ACE)

DCortex XDR and Cortex Data Lake

Answer : C

Question 4

Which CLI command allows visibility into SD-WAN events such as path Selection and path quality measurements?

A>show sdwan path-monitor stats vif

B>show sdwan session distribution policy-name

C>show sdwan connection all

D>show sdwan event

Answer : D

Question 5

A prospective customer currently uses a firewall that provides only Layer 4

inspection and protections. The customer sees traffic going to an external destination, port 53, but cannot determine what Layer 7 application traffic is going over that port

Which capability of PAN-OS would address the customer's lack of visibility?

ADevice ID, because it will give visibility into which devices are communicating with external destinations over port 53

Bsingle pass architecture (SPA), because it will improve the performance of the Palo Alto Networks Layer 7 inspection

CUser-ID, because it will allow the customer to see which users are sending traffic to external destinations over port 53

DApp-ID, because it will give visibility into what exact applications are being run over that port and allow the customer to block unsanctioned applications using port 53

Answer : D

Question 6

Which is the smallest Panorama solution that can be used to manage up to 2500 Palo Alto Networks Next Generation firewalls?

AM-200

BM-600

CM-100

DPanorama VM-Series

Answer : D

Question 7

What three Tabs are available in the Detailed Device Health on Panorama for hardware-based firewalls? (Choose three.)

AErrors

BEnvironments

CInterfaces

DMounts

EThroughput

FSessions

GStatus

Answer : B, C, F

Palo Alto Networks PSE-Strata Palo Alto Networks System Engineer - Strata Exam Practice Test