Palo Alto Networks PSE-Platform Exam Practice Test Instant Access

Question 1

Which configuration creates the most comprehensive ''best-practice'' Anti Spyware profile to prevent command and Control traffic?

AClone the Strict Anti-Spyware Profile, enable DNS Sinkholing and Passive DNS Monitoring, and deploy this customized clone

BClone the Default Anti-Spyware Profile and enable DNS Sinkholing and Passive DNS Monitoring, and deploy this customized clone

CEdit and deploy the Default Anti-Spyware Profile (DNS Sinkholing and Passive DNS Monitoring is already enabled)

DEdit and deploy the Strict Anti-Spyware Profile Profile (DNS Sinkholing and Passive DNS Monitoring is already enabled)

Answer : A

Question 2

An administrator needs a PDF summary report that contains information compiled from existing reports based on data for the top 5 in each category.

How often will the Administrator receive the report?

ABi-weekly

BDaily

CWeekly

DMonthly

Answer : B

Question 3

What are the two group options for database when creating a custom report? (Choose two)

AOracle

BSQL

CDetailed Logs

DSummary Databases

Answer : C, D

Question 4

What is a best practice when configuring a security policy to completely block a specific application?

AOne the Service/URL. Category tab, set the service to any

BOn the Actions tab, configure a file blocking security profile

COn the Service/URL. Category tab, set the service to application-default

DOn the Service/URL. Category tab, manually specify a port/service

Answer : A

Question 5

Which certificate can be used to ensure that traffic coming from a specific server remains encrypted?

AForward entrust

BSSL exclude certificate

CForward trust

DSSL inbound inspection

Answer : B

Question 6

What are three considerations when deploying User-ID. (Choose three.)

AEnable WMI probing in high security networks

BUser-ID can support a maximum of 15 hops.

CSpecify included and excluded networks when configuring User-ID

DUse a dedicated service account for User-ID services with the minimal permissions necessary.

EOnly enable User-ID on trusted zones

Answer : A, C, D

Question 7

A customer is adopting Microsoft Office 365 but is concerned about the potential security exposure that such a move could mean. The security analyst suggests using Aperture and the Palo Alto Network firewall together to provide data and network security.

What are the two reasons this solution has been suggested? (Choose two.)

AThe firewall secures data in transit between the network and the cloud.

BAperture prevents users from using non-sanctioned SaaS applications.

CThe firewall scans data that resides in the cloud for malware.

DAperture scans data that resides in the cloud for sensitive information.

Answer : A, B