palo alto networks PSE-STRATA Exam Questions

Questions for the PSE-STRATA were updated on : May 23 ,2024

Page 1 out of 10. Viewing questions 1-10 out of 91

Question 1

Which three settings must be configured to enable Credential Phishing Prevention? (Choose three.)

  • A. validate credential submission detection
  • B. enable User-ID
  • C. define an SSL decryption rulebase
  • D. define URL Filtering Profile
  • E. Enable App-ID
Answer:

abd

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Reference:
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/threat-prevention/prevent-credential-phishing.html

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 2

In an HA pair running Active/Passive mode, over which interface do the dataplanes communicate?

  • A. HA3
  • B. HA1
  • C. HA2
  • D. HA4
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/high-availability-for-vm-series-firewall-on- aws/configure-activepassive-ha-on-aws.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Palo Alto Networks publishes updated Command-and-Control signatures.
How frequently should the related signatures schedule be set?

  • A. Once an hour
  • B. Once a day
  • C. Once a week
  • D. Once every minute
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which three features are used to prevent abuse of stolen credentials? (Choose three.)

  • A. multi-factor authentication
  • B. URL Filtering Profiles
  • C. WildFire Profiles
  • D. Prisma Access
  • E. SSL decryption rules
Answer:

ace

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Reference:
https://www.paloaltonetworks.com/company/press/2017/palo-alto-networks-delivers-industry-first-capabilities-to-prevent-credential-theft-and-abuse

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 5

What aspect of PAN-OS allows for the NGFW admin to create a policy that provides auto-remediation for anomalous user behavior and malicious activity while maintaining user visibility?

  • A. Remote Device UserID Agent
  • B. user-to-tag mapping
  • C. Dynamic User Groups
  • D. Dynamic Address Groups
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamic-user-groups

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

In which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data applications assets, and services (DAAS) be identified?

  • A. Step 2: Map the transaction flows
  • B. Step 4: Create the Zero Trust policy
  • C. Step 1: Define the protect surface
  • D. Step 3: Architect a Zero Trust network
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

A customer is designing a private data center to host their new web application along with a separate headquarters for users.
Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?

  • A. WildFire
  • B. Threat Prevention
  • C. Advanced URL Filtering (AURLF)
  • D. DNS Security
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which two of the following does decryption broker provide on a NGFW? (Choose two.)

  • A. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic only once
  • B. Eliminates the need for a third party SSL decryption option which allows you to reduce the total number of third party devices performing analysis and enforcement
  • C. Provides a third party SSL decryption option which allows you to increase the total number of third party devices performing analysis and enforcement
  • D. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic multiple times
Answer:

ab

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/decryption/decryption-broker.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which two features are key in preventing unknown targeted attacks? (Choose two.)

  • A. Single Pass Parallel Processing (SP3)
  • B. nightly botnet report
  • C. App-ID with the Zero Trust model
  • D. WildFire Cloud threat analysis
Answer:

bd

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

A customer is concerned about zero-day targeted attacks against its intellectual property.
Which solution informs a customer whether an attack is specifically targeted at them?

  • A. Cortex XDR Prevent
  • B. AutoFocus
  • C. Cortex XSOAR Community edition
  • D. Panorama Correlation Report
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2