Palo Alto Networks PSE-Endpoint Exam Practice Test Instant Access

Question 1

What is the default interval for Traps agents to communicate via heartbeat to the ESM?

AEvery 1 Minute

BEvery 1 Hour

CEvery 1 Day

DEvery 1 year

Answer : B

Question 2

In a scenario that macOS Traps logs failed to be uploaded to the forensic folder, where will the user on the macOS host be able to find to collected logs?

A/ProgramData/Cyvera/Logs

B/ProgramData/Cyvera/Everyone/Temp

C/Library/Application Support/Cyvera/BITS Uploads/

D/Library/Application Support/PaloAltoNetworks/Traps/Upload/

Answer : D

Question 3

An Administrator has identified an EPM-triggered false positive and has used the Create Rule button from within the relevant entry in the Security Events > Preventions > Exploits tab. What is the result of the created rule?

AThe new rule stops all EPM injection into the faulted process.

BThe new rule stops all EPM injection into processes on the machine on which the prevention was triggered.

CThe new rule excludes the endpoint from Traps protection.

DThe new rule will include the EPM that raised the prevention, the process that triggered the prevention, the machine on which the prevention was triggered, and a descriptive name for the rule.

Answer : B

Question 4

Traps agents use a default password for uninstallation in the event that they never communicate with their ESM server. Identify the password.

APaloAlto!

BUninstall1

CNo password is required

DPassword1

Answer : D

Question 5

Which software category is most likely to cause a conflict with the Traps agent?

AExploit prevention software

BWeb browser software

CWeb meeting and collaboration software

DFull disk encryption software

Answer : A

Question 6

A company is using a Web Gateway/Proxy for all outbound connections. The company has deployed Traps within the domain and in testing, discovered that the ESM Servers are unable to communicate with WildFire. All other Traps features are working. What is the most likely cause of the issue?

AThe administrator needs to configure WildFire proxy settings in each Agent Console.

BThe administrator needs to configure WildFire proxy settings in the ESM Console and in each Agent Console.

CThe Administrator needs to purchase the additional site license required for WildFire.

DThe Administrator needs to configure WildFire proxy settings in the ESM Console.

Answer : D

Question 7

Files are not getting a WildFire verdict.

What is one way to determine whether there is a BITS issue?

ACheck the upload status in the hash control screen

BRun a telnet command between Traps agent and ESM Server on port 2125

CUse PowerShell to test upload using HTTP POST method

DInitiate a 'Send support file' from the agent

Answer : C

Palo Alto Networks PSE-Endpoint PSE Endpoint Professional Exam Practice Test