Palo Alto Networks PSE-Platform Exam Questions Instant Access

Question 1

Which three items contain information about Command and Control (C&C) hosts? (Choose three.)

AThreat logs

BData filtering logs

CBotnet reports

DSaaS reports

EWildFire analysts reports

Answer : B, C, E

Question 2

What is a best practice when configuring a security policy to completely block a specific application?

AOne the Service/URL. Category tab, set the service to any

BOn the Actions tab, configure a file blocking security profile

COn the Service/URL. Category tab, set the service to application-default

DOn the Service/URL. Category tab, manually specify a port/service

Answer : A

Question 3

Which three actions should be taken before deploying a firewall evaluation unit in the customer's environment? (Choose three.)

AInform the customer that they will need to provide a SPAN port for the evaluation unit assuming a TAP mode deployment.

BRequest that the customs make port 3978 available to allow the evaluation unit to communicate with Panorama.

CReset the evaluation unit to factory default to ensure that data from any previous customer evaluation is removed.

DUpgrade the evaluation unit to the most current recommended firmware, unless a demo of the upgrade process is planned.

ESet expectations around which information will be presented in the Security Lifecycle Review because sensitive information may be made visible.

Answer : A, C, D

Question 4

Which three policies or certificates must be configured for SSL Forward Proxy decryption? (Choose three.)

AForward trust certificate

BForward untrust certificate

CA decrypt port mirror policy

DInternal server certificate

EA decryption policy

Answer : A, B, E

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/decryption/keys-and-certificates-for-decryption-policies#_40372

Question 5

A customer is targeted by a true zero-day, targeted attack. However, the customer is protected by the Palo Alto Networks security platform.

The attack leverages a previously unknown vulnerability in IE but utilizes existing hacking techniques on the endpoint. It is transported over standard HTTP traffic and conforms to the HTML standards. It then attempts to download from a website, compromised specifically for this attack, a custom piece of malware to run on the endpoints.

Which element of the platform will stop this attack?

AApp-ID

BPAN-DB

CTraps

DWildFire

Answer : D

Question 6

The botnet report displays a confidence score of 1 to 5 indicating the likelihood of a botnet infection.

Which three sources are used by the firewall as the basis of this score? (Choose three.)

ABad Certificate Reports

BTraffic Type

CBotnet Reports

DNumber of Events

EExecutable Downloads

FThreat Landscape

Answer : B, D, E

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/monitoring/generate-botnet-reports

Question 7

Which two designs require virtual systems? (Choose two.)

AA shared gateway interface that does not need a full administrative boundary

BA virtual router as a replacement for an internet-facing router

CA single physical firewall shared by different organizations, each with unique traffic control needs

DA VMware NSX deployment that needs micros segmentation

Answer : B, C

Palo Alto Networks PSE Platform PSE-Platform Exam Questions