Palo Alto Networks PSE-Platform Exam Practice Test Instant Access

Question 1

A network covers three geographical areas: Americas, Europe (EMEA), and Asia (APAC). The APAC segment of the network consists of nine HA pairs of PA-3060 firewalls, generating a combined log output of 25 K logs per second. Only 14 days of traffic log retention is required.

Which management and logging solution will be effective and cost-efficient for this segment of the network?

ATwo M-500s in HA management at the global level, with one M-100 with 4 TB of storage for APAC

BTwo M-500s in HA management at the global level, and one log collector-mode M-500 with 8 TB of storage for APAC

CTwo M-500s in HA management at the global level, and two log collector-mode M-500s in a log collector group with 16 TB of storage for APAC

DTwo Dual-mode M-500s in HA for both global management and storage. Each M-500 has 8 TB of storage

Answer : C

Question 2

How often are regularly scheduled update for the Anti-virus Application, Threats, and Wildfire subscription databases made available by Palo Alto Networks in PAN-OS 8.0?

AAnti-Virus (Daily) Application (Weekly), Threats (Daily), Wildfire (5 Minutes)

BAnti-Virus (Weekly) Application (Daily), Threats (Daily), Wildfire (5 Minutes)

CAnti-Virus (Daily) Application (Weekly), Threats (Weekly), Wildfire (5 Minutes)

DAnti-Virus (Weekly) Application (Daily), Threats (Weekly), Wildfire (5 Minutes)

Answer : C

Question 3

A price sensitive customer wants to prevent attacks on a windows 2008 Virtual Server. The server will max out at 100Mbps but needs to have 45,000 sessions to connect to multiple hosts within a data center

Which VM instance should be used to secure the network by this customer?

AVM-200

BVM-100

CVM-300

DVM-50

Answer : D

Question 4

Which option is required to activate/retrieve a Device Management License on the M.100 Appliance after the Auth Codes have been activated on the Palo Alto Networks Support Site?

AGenerate a Tech Support File and call PANTAC

BSelect Device > Licenses and click activate feature using authorization code

CSelect PANORAMA > Licenses and click Activate feature using authorization code

DGenerate a State Dump File and upload it to the Palo Alto Network support portal

Answer : C

Question 5

DNS sinkholing helps identify infected hosts on the protected network using DNS traffic in situations where the firewall cannot see the infected client's DNS query (that is, the firewall cannot see the originator of DNS query)

Which of the following Statements is true?

ADNS Sinkholing requires the Vulnerability Protection Profile be enabled.

BSinkholing malware DNS queries solves this visibilty problem by forging responses to the client host queries directed at fake domains created in a controlled 'Fake Internet' called Zanadu which designed for testing and honeypots.

CInfected hosts can then be easily identified in the traffic logs because any host that attempts to connect the sinkhole IP address are most likely infected with malware.

DDNS Sinkholing requires a license SinkHole license in order to activate.

Answer : C

Question 6

Which three signature-based Threat Prevention features of the firewall are informed by intelligence from the Threat Intelligence Cloud? (Choose three.)

AVulnerability protection

BAnti-Spyware

CAnti-Virus

DBotnet detection

EApp-ID protection

Answer : A, B, E

Question 7

When a customer creates a new SLR report, what is the first step in generating a proper SLR report once logged in to the Partner Portal?

AClick the Track my deals button to view your open Opportunities.

BScroll down and click the New Security Lifecycle Review button.

CClick the Select files... button and find the relevant statsdump file on your local machine and click Upload.

DSelect the appropriate Opportunity.

Answer : A

Palo Alto Networks PSE Platform Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7