Palo Alto Networks PSE-Endpoint Exam Questions Instant Access

Question 1

Once an administrator has successfully instated a Content Update, how is the Content Update applied to endpoint?

AAfter Installation on the ESM, an Agent License renewal is required in order to trigger relevant updates.

BAfter installation on the ESM, relevant updates occur at the next Heartbeat communication from each endpoint.

CInstallation of a Content Update triggers a proactive push of the update by the ESM server to all endpoints with licensed Traps Agents within the Domain.

DThe Traps Agent must be reinstalled on the endpoint in order to apply the content update. Existing Agents will not be able to take advantage of content updates.

Answer : B

Question 2

In a scenario that macOS Traps logs failed to be uploaded to the forensic folder, where will the user on the macOS host be able to find to collected logs?

A/ProgramData/Cyvera/Logs

B/ProgramData/Cyvera/Everyone/Temp

C/Library/Application Support/Cyvera/BITS Uploads/

D/Library/Application Support/PaloAltoNetworks/Traps/Upload/

Answer : D

Question 3

A company is trying to understand which platform can be installed on their environment:

Select the three endpoints where Traps can be installed (Choose three).

AWindows 10 LTSB with 2 GB RAM, 500MB free disk space and Intel Core i5 CPU

BWindows 2000 SP4 with 1 GB RAM, 4 GB free disk space and Intel Pentium 4 CPU

CApple iPhone 6s

DWindows Server 2012 R2 Standard Edition in FIPS Mode, with 4GB RAM, 20GB free disk space, running on VMware ESXi.

E15'' MacBook Pro running macOS 10.12 with 16GB RAM, Intel Core i7 CPU and 100GB tree disk space

Answer : A, D, E

Question 4

A retail company just purchased Traps for its 8,000 endpoints. Many of its users work remotely. The company is not using any VPN solution, but would still like to manage all endpoints regardless where they are.

Which two aspects should be part of the recommendation? (Choose two.)

AAs each ESM Core server can handle up to 30,000 endpoints, use at least 1 ESM Core server internally and 1 ESM core server in the DMZ for external endpoints.

BPlacing an ESM Core server in the DMZ or in a cloud hosting service allows external endpoints to connect to it, even without a VPN client.

CProtection for remote endpoints is currently not supported. Since the ESM servers can only be installed in an internal network, endpoints without VPN will not be able to connect to it.

DIf there is no connection to the ESM Core server, Traps agents automatically connect to WildFire and endpoints are fully protected. No additional ESM Core servers are needed.

Answer : A, B

Question 5

Which software category is most likely to cause a conflict with the Traps agent?

AExploit prevention software

BWeb browser software

CWeb meeting and collaboration software

DFull disk encryption software

Answer : A

Question 6

What is the default interval for Traps agents to communicate via heartbeat to the ESM?

AEvery 1 Minute

BEvery 1 Hour

CEvery 1 Day

DEvery 1 year

Answer : B

Question 7

An administrator has decided to test Traps functionality using malware samples in an isolated non-production environment. In order to effectively test Traps, what three types of samples should the administrator avoid? (Choose three.)

AA sample with a low number of hits in Virus Total

BAn MS Office document which contains a ransomware macro

CA sample known to be flagged as grayware by Traps

DA freeware video application which spawns malicious processes

EA sample known to generate false positives in the production environment.

Answer : A, B, E

Palo Alto Networks PSE Endpoint Professional PSE-Endpoint Exam Questions