Palo Alto Networks System Engineer Professional - SASE v1.0 (PSE-SASE)

Page:    1 / 5   
Total 69 questions

In which step of the Five-Step Methodology for implementing the Zero Trust model are the services most valuable to the company defined?

  • A. Step 2: Map the transaction flows
  • B. Step 4: Create the Zero Trust policy
  • C. Step 5: Monitor and maintain the network
  • D. Step 1: Define the protect surface


Answer : D

How does the secure access service edge (SASE) security model provide cost savings to organizations?

  • A. The single platform reduces costs compared to buying and managing multiple point products.
  • B. The compact size of the components involved reduces overhead costs, as less physical space is needed.
  • C. The content inspection integration allows third-party assessment, which reduces the cost of contract services.
  • D. The increased complexity of the model over previous products reduces IT team staffing costs.


Answer : C

What happens when SaaS Security sees a new or unknown SaaS application?

  • A. It forwards the application for WildFire analysis.
  • B. It uses machine learning (ML) to classify the application.
  • C. It generates alerts regarding changes in performance.
  • D. It extends the branch perimeter to the closest node with high performance.


Answer : A

Which type of access allows unmanaged endpoints to access secured on-premises applications?

  • A. manual external gateway
  • B. secure web gateway (SWG)
  • C. GlobalProtect VPN for remote access
  • D. Prisma Access Clientless VPN


Answer : D

In which step of the Five-Step Methodology for implementing the Zero Trust model is the Kipling Method relevant?

  • A. Step 3: Architect a Zero Trust network
  • B. Step 5: Monitor and maintain the network
  • C. Step 4: Create the Zero Trust policy
  • D. Step 2: Map the transaction flows


Answer : C

What is a disadvantage of proxy secure access service edge (SASE) when compared to an inline SASE solution?

  • A. Proxies force policy actions to be treated as business decisions instead of compromises due to technical limitations.
  • B. Teams added additional tools to web proxies that promised to solve point problems, resulting in a fragmented and ineffective security architecture.
  • C. Proxy solutions require an unprecedented level of interconnectivity.
  • D. Exclusive use of web proxies leads to significant blind spots in traffic and an inability to identify applications and threats on non-standard ports or across multiple protocols.


Answer : D

Which product allows advanced Layer 7 inspection, access control, threat detection and prevention?

  • A. Infrastructure as a Service (IaaS)
  • B. remote browser isolation
  • C. network sandbox
  • D. Firewall as a Service (FWaaS)


Answer : D

What is a key benefit of CloudBlades?

  • A. automation of UI workflow without any code development and deployment of Prisma SD-WAN ION devices
  • B. utilization of near real-time analysis to detect previously unseen, targeted malware and advanced persistent threats
  • C. identification of port-based rules so they can be converted to application-based rules without compromising application availability
  • D. configuration of the authentication source once instead of for each authentication method used


Answer : A

What is an advantage of the Palo Alto Networks cloud-based security infrastructure?

  • A. It provides comprehensive, scalable cloud security with flexible licensing options.
  • B. It backhauls traffic to the corporate network.
  • C. It allows for the elimination of data centers within five years of implementation.
  • D. It increases the footprint of the security solution.


Answer : A

What allows enforcement of policies based on business intent, enables dynamic path selection, and provides visibility into performance and availability for applications and networks?

  • A. Identity Access Management (IAM) methods
  • B. Firewall as a Service (FWaaS)
  • C. Instant-On Network (ION) devices
  • D. Cloud Access Security Broker (CASB)


Answer : B

What is a benefit of a cloud-based secure access service edge (SASE) infrastructure over a Zero Trust Network Access (ZTNA) product based on a software-defined perimeter (SDP) model?

  • A. Users, devices, and apps are identified no matter where they connect from.
  • B. Connection to physical SD-WAN hubs in ther locations provides increased interconnectivity between branch offices.
  • C. Complexity of connecting to a gateway is increased, providing additional protection.
  • D. Virtual private network (VPN) services are used for remote access to the internal data center, but not the cloud.


Answer : A

Which statement describes the data loss prevention (DLP) add-on?

  • A. It prevents phishing attacks by controlling the sites to which users can submit valid corporate credentials.
  • B. It employs automated policy enforcement to allow trusted behavior with a new Device-ID policy construct.
  • C. It is a centrally delivered cloud service with unified detection policies that can be embedded in existing control points.
  • D. It enables data sharing with third-party tools such as security information and event management (SIEM) systems.


Answer : C

In which step of the Five-Step Methodology for implementing the Zero Trust model does inspection and logging of all traffic take place?

  • A. Step 4: Create the Zero Trust policy
  • B. Step 3: Architect a Zero Trust network
  • C. Step 1: Define the protect surface
  • D. Step 5: Monitor and maintain the network


Answer : D

In an SD-WAN deployment, what allows customers to modify resources in an automated fashion instead of logging on to a central controller or using command-line interface (CLI) to manage all their configurations?

  • A. dynamic user group (DUG)
  • B. DNS server
  • C. application programming interface (API)
  • D. WildFire


Answer : A

Which App Response Time metric is the measure of network latency?

  • A. Round Trip Time (RTT)
  • B. Server Response Time (SRT)
  • C. Network Transfer Time (NTTn)
  • D. UDP Response Time (UDP-TRT)


Answer : A

Page:    1 / 5   
Total 69 questions