Palo Alto Networks PSE-Platform Exam Questions Instant Access

Question 1

How does SSL Forward Proxy decryption work?

ASSL Forward Proxy decryption policy decrypts and inspects SSL/TLS traffic from internal users to the web.

BThe SSL Forward Proxy Firewall creates a certificate intended for the client that is intercepted and altered by the firewall.

CIf the server's certificate is signed by a CA that the firewall does not trust, the firewall will use the certificate only on Forward Trust.

DThe firewall resides between the internal client and internal server to intercept traffic between the two.

Answer : A

Question 2

What are three considerations when deploying User-ID. (Choose three.)

AEnable WMI probing in high security networks

BUser-ID can support a maximum of 15 hops.

CSpecify included and excluded networks when configuring User-ID

DUse a dedicated service account for User-ID services with the minimal permissions necessary.

EOnly enable User-ID on trusted zones

Answer : A, C, D

Question 3

Where are three tuning considerations when building a security policy to protect against modern day attacks? (Choose three)

ACreate an anti-spyware profile to block all spyware

BCreate a vulnerability protection profile to block all the vulnerabilities with severity low and higher

CCreate an SSL Decryption policy to decrypt 100% of the traffic

DCreate an antivirus profile to block all content that matches and antivirus signature

ECreate a WildFire profile to schedule file uploads during low network usage windows

Answer : B, C, E

Question 4

Which two designs require virtual systems? (Choose two.)

AA shared gateway interface that does not need a full administrative boundary

BA virtual router as a replacement for an internet-facing router

CA single physical firewall shared by different organizations, each with unique traffic control needs

DA VMware NSX deployment that needs micros segmentation

Answer : B, C

Question 5

The botnet report displays a confidence score of 1 to 5 indicating the likelihood of a botnet infection.

Which three sources are used by the firewall as the basis of this score? (Choose three.)

ABad Certificate Reports

BTraffic Type

CBotnet Reports

DNumber of Events

EExecutable Downloads

FThreat Landscape

Answer : B, D, E

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/monitoring/generate-botnet-reports

Question 6

What are three best practices for running an Ultimate Test Drive (UTD)? (Choose three.)

AIt should be used to create pipeline and customer interest.

BIt should be used to demonstrate the power of the platform.

CThe lab documentation should be reviewed and tested.

DIt should be led by Palo Alto Network employees.

EThe required equipment should be shipped to lab site in advance.

Answer : A, B, C

Question 7

Which certificate can be used to ensure that traffic coming from a specific server remains encrypted?

AForward entrust

BSSL exclude certificate

CForward trust

DSSL inbound inspection

Answer : B

https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/device/device-certificate-management-ssl-decryption-exclusion

Palo Alto Networks PSE Platform PSE-Platform Exam Questions