Palo Alto Networks PSE-Endpoint Exam Questions Instant Access

Question 1

The administrator has added the following whitelist to the WildFire Executable Files policy.

*\mysoftware.exe

What will be the result of this whitelist?

Ausers will not be able to run mysoftware.exe.

Bmysoftware.exe will be uploaded to WildFire for analysis

Cmysoftware.exe will not be analyzed by WildFire regardless of the file location.

Dmysoftware.exe will not be analyzed by WildFire, but only if executed from the C drive.

Answer : B

Question 2

Files are not getting a WildFire verdict.

What is one way to determine whether there is a BITS issue?

ACheck the upload status in the hash control screen

BRun a telnet command between Traps agent and ESM Server on port 2125

CUse PowerShell to test upload using HTTP POST method

DInitiate a 'Send support file' from the agent

Answer : C

Question 3

A company discovers through the agent health display in ESM Console that a certain Traps agent is not communicating with ESM Server. Administrators suspect that the problem relates to TLS/SSL.

Which troubleshooting step determines if this is an SSL issue?

AFrom the agent run the command: telnet (hostname) (port)

BCheck that the Traps service is running

CFrom the agent run the command: ping (hostname)

DBrowse to the ESM hostname from the affected agent

Answer : D

Question 4

Traps agents use a default password for uninstallation in the event that they never communicate with their ESM server. Identify the password.

APaloAlto!

BUninstall1

CNo password is required

DPassword1

Answer : D

Question 5

During installation of the ESM and the agent, SSL was enabled on an endpoint. However, the agent communication is failing. The services.log on the endpoint has the following error.

*An error occurred while making the HTTP request to https: //hostname:2125/CyveraServer/. This could be due to the fact that the server certificate is not configured property with HTTP SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server."

Which certificate can be imported on the endpoint to solve this issue? Assume the hostname is a valid FQDN and the ESM Server and Console have different certificates.

AESM Server Public Certificate

BESM Server Serf-Signed Certificate

CESM Console Self-Signed Certificate

DESM Console Public Certificate

Answer : B

Question 6

A customer plans to test the malware prevention capabilities of Traps. It has defined this policy.

* Local analysis is enabled

* Quarantining of malicious files is enabled

* Files are to be uploaded to WildFire

No executables have been whitelisted or blacklisted in the ESM Console Hash Control screen.

Malware sample A has a verdict of Malicious in the WildFire service. Malware sample B is unknown to WildFire.

Which behavior will result?

AWildFire will block sample A as known malware; sample B will be blocked as an unknown binary while the file is analyzed by WildFire for a final verdict.

BHash Control already knows sample A locally in the endpoint cache and will block it. Sample B will not be blocked by WildFire, but will be blocked by the local analysis engine.

CWildFire will block sample A as known malware, and sample B will compromise the endpoint because it is new and ESM Server has not obtained the required signatures.

DWildFire will block sample A as known malware; sample B will not be blocked by WildFire, but will be evaluated by the local analysis engine and will or will not be blocked, based on its verdict, until WildFire analysis determines the final verdict.

Answer : D

Question 7

Which MSI command line parameters will successfully install a Traps agent using SSL and pointed to server ESM?

Amsiexec /i c:\traps.msi /qn TRAPS_SERVER=ESM USE_SSL_PRIMARY=1

Bmsiexec /i c:\traps.msi /qn CYVERA_SERVER=ESM USE_SSL_PRIMARY=1

Cmsiexec /i c:\traps.msi /qn ESM_SERVER=ESM USE_SSL_PRIMARY=1

Dmsiexec /x c:\traps.msi /qn SERVER=ESM USE_SSL_PRIMARY=1

Answer : B

Palo Alto Networks PSE Endpoint Professional PSE-Endpoint Exam Questions