Palo Alto Networks PSE-Platform Exam Practice Test Instant Access

Question 1

Which certificate can be used to ensure that traffic coming from a specific server remains encrypted?

AForward entrust

BSSL exclude certificate

CForward trust

DSSL inbound inspection

Answer : B

https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/device/device-certificate-management-ssl-decryption-exclusion

Question 2

A specific URL keeps appearing in URL filtering log entries, it was blocked successfully, but the administrator would like to investigate further.

In which two ways would AutoFocus help this administrator? (Choose two.)

AGenerate a list of IP addresses for use in Dynamic Address Groups on the firewall

BIdentify malicious files associated with this URL

CGenerate a correlation object that can be used to monitor associated activities

DIdentify malware campaigns associated with this URL

Answer : A, D

Question 3

What are two benefits of using Panorama for a customer who is deploying virtual firewalls to secure data center traffic? (Choose two.)

AIt can monitor the virtual firewalls' physical hosts and Vmotion them as necessary.

BIt can bootstrap the virtual firewall for dynamic deployment scenarios

CIt can manage the virtual firewalls' resource use, allowing for VM resource over-subscription.

DIt can provide the Automated Correlation Engine functionality, which the virtual firewalls do not support

Answer : B, D

Question 4

A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer believes that someone has clicked an email that might have contained a malicious file type. The customer already uses a firewall with User-ID enabled.

Which feature must also be enabled to prevent these attacks?

AWildFire

BApp-ID

CCustom App-ID rules

DContent Filtering

Answer : A

Question 5

What are three sources of malware sample data for the Palo Alto Networks Threat Intelligence Cloud? (Choose three.)

AThird-Party data feeds, like the partnership with ProofPoint and the Cyber Threat Alliance

BPalo Alto Networks AutoFocus generated Correlation Objects

CPalo Alto Networks Next Generation Firewalls deployed with Wildfire Analysis Security Profiles

DWF-500 configured as private clouds for privacy concerns

EPalo Alto Networks non-firewall products, like Traps and Aperture

Answer : A, B, E

https://www.paloaltonetworks.com/products/secure-the-network/subscriptions/autofocus

Question 6

Which two components must to be configured within User-ID on a new firewall that has been implemented? (Choose two.)

AGroup Mapping

B802.1X Authentication

CProxy Authentication

DUser mapping

Answer : A, D

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/user-id/enable-user-id

Question 7

Which two designs require virtual systems? (Choose two.)

AA shared gateway interface that does not need a full administrative boundary

BA virtual router as a replacement for an internet-facing router

CA single physical firewall shared by different organizations, each with unique traffic control needs

DA VMware NSX deployment that needs micros segmentation

Answer : B, C

Palo Alto Networks PSE-Platform PSE Platform Exam Practice Test