Try Free and Start Using Realistic Verified PSE-Strata-Associate Dumps Instantly
PSE-Strata-Associate Actual Questions - Instant Download 37 Questions
NEW QUESTION # 15
A Human Resources (HR) application has the URL of https://hr.company.com:4433/.
How should the "Service" column of the Security policy be set to match and permit this application?
- A. Set to "application-defaults," which will locate and match the HR application.
- B. Set to "service-http".
- C. Define and then select a new custom Transmission Control Protocol (TCP) service with port 4433.
- D. Edit "service-https" to use port 4433.
Answer: C
NEW QUESTION # 16
Which three key functions are processed as part of the Palo Alto Networks single-pass architecture (SPA)?
(Choose three.)
Select 3 Correct Responses
- A. Device-ID
- B. Virus-ID
- C. Content-ID
- D. Intruder-ID
- E. User-ID
Answer: A,C,E
NEW QUESTION # 17
Using a comprehensive range of natively-integrated subscriptions and inline machine learning (ML), what does a Next-Generation Firewall (NGFW) use to prevent known and unknown threats in real time?
- A. Cloud Delivered Security Services (CDSS)
- B. Cloud Identity Access Management (CIAM)
- C. Cloud Native Security Platform (CNSP)
- D. Cloud Security Posture Management (CSPM)
Answer: A
NEW QUESTION # 18
What file is needed from a firewall to generate a Security Lifecycle Review (SLR) report when creating the SLR?
- A. Panorama plugin registration file
- B. system process core file
- C. stats dump file
- D. tech support file
Answer: C
NEW QUESTION # 19
A firewall enabled as a decryption broker will take which of the following actions?
- A. forward clear text traffic to security chains for additional enforcement
- B. monitor the state of active connections to determine which network packets to allow through
- C. correlate a series of related threat events that indicate a likely compromised host on the network
- D. identify potential denial-of-service (DoS) attacks and take protective action
Answer: C
NEW QUESTION # 20
A customer interested in Panorama is concerned about managing multiple firewalls they are putting in place globally. Each location has its own IP addresses, zones, and VPN configurations.
Which element of Panorama will assist the customer in pushing this unique configuration information to the individual firewalls?
- A. templates
- B. device groups
- C. device profile
- D. GlobalProtect
Answer: A
NEW QUESTION # 21
Which subscription should be activated when a predefined, known malicious IP address is updated?
- A. Threat Prevention
- B. Cortex Data Lake
- C. URL Filtering
- D. WildFire
Answer: C
NEW QUESTION # 22
Which traffic will be blocked when application-default service is set on a Security policy?
- A. HTTP traffic on TCP/81
- B. HTTPS traffic on TCP/443
- C. DNS traffic on UDP/53
- D. SSH traffic on TCP/22
Answer: A
NEW QUESTION # 23
Which of the following is an advantage of the Palo Alto Networks Next-Generation Firewall (NGFW)?
- A. Customers can create their own mix of security vendor products.
- B. It is well positioned in the network to do more than provide access control.
- C. Docker containers can be run on the hardware to add features.
- D. It identifies applications by port number and protocol.
Answer: B
NEW QUESTION # 24
The Security Operations Center (SOC) has noticed that a user has large amounts of data going to and coming from an external encrypted website. The SOC would like to identify the data being sent to and received from this website.
Which Secure Sockets Layer (SSL) decryption method supported by Palo Alto Networks would allow the SOC to see this data?
- A. Web Proxy
- B. Certificate Proxy
- C. Inbound Proxy
- D. Forward Proxy
Answer: D
NEW QUESTION # 25
Which of the following statements applies to enabling App-ID on a Next-Generation Firewall (NGFW)?
- A. An App-ID subscription must be purchased and enabled.
- B. No additional purchase is required, but App-ID must be enabled for the customer to use it.
- C. No configuration is required, because App-ID is always enabled by default.
- D. A Threat Protection license must be purchased and enabled.
Answer: C
NEW QUESTION # 26
Which of the following is an appropriate first step for a customer interested in moving to Zero Trust?
- A. Request a statement of compliance from their IT vendors against the Zero Trust standard.
- B. Ask administrators to switch on the Zero Trust options and features of their current products.
- C. Secure the funding required to incorporate the new architecture into their existing networks.
- D. Set priorities by identifying the most valuable and critical assets and data on their networks.
Answer: A
NEW QUESTION # 27
Which section of a Security Lifecycle Review (SLR) report summarizes risk exposure by breaking down a detected attack on the network?
- A. Advanced URL Filtering Analysis
- B. SaaS Applications
- C. Threats at a Glance
- D. Applications that Introduce Risk
Answer: C
NEW QUESTION # 28
Which Next-Generation Firewall (NGFW) deployment model allows an organization to monitor traffic during evaluations without interruption to network traffic?
- A. virtual wire
- B. Layer 3
- C. Layer 2
- D. TAP mode
Answer: D
NEW QUESTION # 29
......
Download Free Latest Exam PSE-Strata-Associate Certified Sample Questions: https://dumpsvce.exam4free.com/PSE-Strata-Associate-valid-dumps.html
