Palo Alto Networks PSE-Endpoint Exam Practice Test Instant Access

Question 1

An administrator has installed Traps 4.0. The administrator wants to test the malware protections provided. What sample should they use to test the protections provided by Traps?

AA sample with a low number of hits in Virus Total

BA toolbar package known to be flagged as grayware by Traps

CA sample known to generate false positives in the production environment

DAn MS Office document which contains a ransomware macro

Answer : D

Question 2

Which MSI command line parameters will successfully install a Traps agent using SSL and pointed to server ESM?

Amsiexec /i c:\traps.msi /qn TRAPS_SERVER=ESM USE_SSL_PRIMARY=1

Bmsiexec /i c:\traps.msi /qn CYVERA_SERVER=ESM USE_SSL_PRIMARY=1

Cmsiexec /i c:\traps.msi /qn ESM_SERVER=ESM USE_SSL_PRIMARY=1

Dmsiexec /x c:\traps.msi /qn SERVER=ESM USE_SSL_PRIMARY=1

Answer : B

Question 3

The ESM policy is set to upload unknowns to WildFire. However, when an unknown is executed the Upload status in ESM Console never displays "Upload in progress", and the verdict remains local analysis or unknown. Even clicking the upload button and checking in does not resolve the Issue. A line in the log file suggests not being able to download a file from "https:/ESMSERVER/BitsUploads/... to C:\ProgramData\Cyvera\Temp\..."

Which solution fixes this problem?

ARestart BITS service on the endpoint

BRestart BITS service on ESM

CRemove and reinstall all the agents without SSL

DIn the ESM Console, use the FQDN in multi ESM

Answer : B

Question 4

An Administrator has identified an EPM-triggered false positive and has used the Create Rule button from within the relevant entry in the Security Events > Preventions > Exploits tab. What is the result of the created rule?

AThe new rule stops all EPM injection into the faulted process.

BThe new rule stops all EPM injection into processes on the machine on which the prevention was triggered.

CThe new rule excludes the endpoint from Traps protection.

DThe new rule will include the EPM that raised the prevention, the process that triggered the prevention, the machine on which the prevention was triggered, and a descriptive name for the rule.

Answer : B

Question 5

During installation of the ESM and the agent, SSL was enabled on an endpoint. However, the agent communication is failing. The services.log on the endpoint has the following error.

*An error occurred while making the HTTP request to https: //hostname:2125/CyveraServer/. This could be due to the fact that the server certificate is not configured property with HTTP SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server."

Which certificate can be imported on the endpoint to solve this issue? Assume the hostname is a valid FQDN and the ESM Server and Console have different certificates.

AESM Server Public Certificate

BESM Server Serf-Signed Certificate

CESM Console Self-Signed Certificate

DESM Console Public Certificate

Answer : B

Question 6

Which software category is most likely to cause a conflict with the Traps agent?

AExploit prevention software

BWeb browser software

CWeb meeting and collaboration software

DFull disk encryption software

Answer : A

Question 7

Traps agents use a default password for uninstallation in the event that they never communicate with their ESM server. Identify the password.

APaloAlto!

BUninstall1

CNo password is required

DPassword1

Answer : D

Palo Alto Networks PSE-Endpoint PSE Endpoint Professional Exam Practice Test