Paloalto Networks PSE Strata Palo Alto Networks System Engineer Professional – Strata Online Training
Paloalto Networks PSE Strata Online Training
The questions for PSE Strata were last updated at May 30,2024.
- Exam Code: PSE Strata
- Exam Name: Palo Alto Networks System Engineer Professional - Strata
- Certification Provider: Paloalto Networks
- Latest update: May 30,2024
What is an advantage of having WildFire machine learning (ML) capability Inline on the firewall?
- A . It eliminates of the necessity for dynamic analysis in the cloud
- B . It enables the firewall to block unknown malicious files in real time and prevent patient zero without disrupting business productivity
- C . It is always able to give more accurate verdicts than the cloud ML analysis reducing false positives and false negatives
- D . It improves the CPU performance of content inspection
A customer worried about unknown attacks is hesitant to enable SSL decryption due to privacy and regulatory issues .
How does the platform address the customer’s concern?
- A . It overcomes reservations about SSL decrypt by offloading to a higher-capacity firewall to help with the decrypt throughput
- B . It shows how AutoFocus can provide visibility into targeted attacks at the industry sector
- C . It allows a list of websites or URL categories to be defined for exclusion from decryption
- D . It bypasses the need to decrypt SSL traffic by analyzing the file while still encrypted
Which two features can be enabled to support asymmetric routing with redundancy on a Palo Alto networks next-generation firewall (NGFW)? (Choose two.)
- A . Active / active high availability (HA)
- B . Multiple virtual systems
- C . non-SYN first packet
- D . Asymmetric routing profile
A customer requires protections and verdicts for portable executable (PE) and executable and linkable format (ELF), as well as the ability to integrate with existing security tools.
Which Cloud-Delivered Security Service (CDSS) does Palo Alto Networks provide that will address this requirement?
- A . Dynamic Unpacking
- B . WildFire
- C . DNS Security
- D . File Blocking profile
What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?
- A . allow the request and all subsequent responses
- B . temporarily disable the DNS Security function
- C . block the query
- D . discard the request and all subsequent responses
Which statement applies to Palo Alto Networks Single Pass Parallel Processing (SP3)?
- A . It processes each feature in a separate single pass with additional performance impact for each enabled feature.
- B . Its processing applies only to security features and does not include any networking features.
- C . It processes all traffic in a single pass with no additional performance impact for each enabled feature.
- D . It splits the traffic and processes all security features in a single pass and all network features in a separate pass
Which solution informs a customer concerned about zero-day targeted attacks whether an attack is specifically targeted at its property?
- A . AutoFocus
- B . Panorama Correlation Report
- C . Cortex XSOAR Community edition
- D . Cortex XDR Prevent
Which Palo Alto Networks security component should an administrator use to and NGFW policies to remote users?
- A . Prisma SaaS API
- B . Threat intelligence Cloud
- C . GlobalProtect
- D . Cortex XDR
Within the Five-Step Methodology of Zero Trust, in which step would application access and user access be defined?
- A . Step 3: Architect a Zero Trust Network
- B . Step 5. Monitor and Maintain the Network
- C . Step 4: Create the Zero Trust Policy
- D . Step 1: Define the Protect Surface
- E . Step 2 Map the Protect Surface Transaction Flows
What will best enhance security of a production online system while minimizing the impact for the existing network?
- A . Layer 2 interfaces
- B . active / active high availability (HA)
- C . Virtual wire
- D . virtual systems