Palo Alto Networks PSE-Endpoint Exam Questions Instant Access

Question 1

A customer has an environment with the following:

* 1,000 agents communicating over SSL with two servers - one containing the ESM Server and another one where the ESM Console is installed

* BitsUploads resides on the ESM Console server

* ESM Server and Console are using the default pods tor communication

In a scenario where a file is failing to be uploaded from macOS, which three reasons could be directly related to the failure? (Choose three.)

ATraps agent is not able to check in with the ESM Server

BThe rate of upload is lower than 100Kb/S

CThe BITS address in the ESM is incorrect

DPort 2125 is blocked on the server which hosts BitsUploads

EPort 443 is blocked on the server which hosts BitsUploads

Answer : A, C, E

Question 2

Which is the proper order of tasks that an administrator needs to perform to successfully create and install Traps 4.x for macOS agents?

ADownload ClientUpgradePackage_4.x.x.zip from the support portal. Copy ClientUpgradePackage_4.x.x.zip to target endpoint. Unzip and run traps pkg.

BDownload ClientUpgradePackage.zip from the support portal. Create installation package on ESM using .zip file, download installpackage.zip file. Copy installpackage.zip to target endpoint. Unzip and run traps pkg.

CDownload Traps_macOS_4.x.x.zip from the support portal. Copy Traps_macOS_4.x.x.zip to target endpoint. Unzip and run traps pkg.

DDownload Traps_macOS_4.x.x.zip from the support portal. Create installation package on ESM using .zip file, download installpackage.zip file. Copy installpackage.zip to target endpoint. Unzip and run traps pkg.

Answer : D

Question 3

There are two custom policy rules in ESM Console. Policy rule number 1000 turns ROP off for winword.exe. Policy rule number 1001 turns ROP on for winword.exe

What is the ROP module status for winword.exe?

ADue to the collision in the policy rules, ROP is enabled in notification mode.

BThe lower numbered policy rule takes precedence. ROP is off for winword.exe

CThe higher numbered policy rule takes precedence. ROP is on for winword.exe

DThe default policy rule takes precedence over both policy rules 1000 and 1001 and disables ROP for winword.exe

Answer : B

Question 4

An administrator has decided to test Traps functionality using malware samples in an isolated non-production environment. In order to effectively test Traps, what three types of samples should the administrator avoid? (Choose three.)

AA sample with a low number of hits in Virus Total

BAn MS Office document which contains a ransomware macro

CA sample known to be flagged as grayware by Traps

DA freeware video application which spawns malicious processes

EA sample known to generate false positives in the production environment.

Answer : A, B, E

Question 5

When planning to test a software exploit using a Metasploit module, what two options should be considered about the victim host to ensure success?

AUSB port version of the victim host

BSpeed and make of the victim's RAM

Csoftware version of the target application

Dplatform, architecture, and patch level of the victim host

Answer : A, C

Question 6

Files are not getting a WildFire verdict.

What is one way to determine whether there is a BITS issue?

ACheck the upload status in the hash control screen

BRun a telnet command between Traps agent and ESM Server on port 2125

CUse PowerShell to test upload using HTTP POST method

DInitiate a 'Send support file' from the agent

Answer : C

Question 7

An administrator receives an alert indicating the ESM service is not starting on the ESM Server. When the administrator tries to start the service manually, the administrator receives an error. "The Endpoint Security Manager service on Local Computer started and then stopped."

What is the cause of the failure?

AThe Account assigned to the service does not have 'Log on as a batch job' permissions on the machine.

BThe Account assigned to the service does not have ''Log on as a service' permissions on the machine.

CThe Account assigned to the service is not the Local Administrator on the machine.

DThe Account assigned to the service is not an Active Directory Domain user.

Answer : B

Palo Alto Networks PSE Endpoint Professional PSE-Endpoint Exam Questions