Palo Alto Networks PSE Strata - Palo Alto Networks System Engineer Professional - Strata Exam
Page: 2 / 28
Total 136 questions
Question #6 (Topic: Single Topic)
What two types of certificates are used to configure SSL Forward Proxy? (׀¡hoose two.)
A. Enterprise CA-signed certificates
B. Self-Signed certificates
C. Intermediate certificates
D. Private key certificates
Answer: AB
Question #7 (Topic: Single Topic)
Which two of the following does decryption broker provide on a NGFW? (Choose two.)
A. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic only once
B. Eliminates the need for a third party SSL decryption option which allows you to reduce the total number of third party devices performing analysis and enforcement
C. Provides a third party SSL decryption option which allows you to increase the total number of third party devices performing analysis and enforcement
D. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic multiple times
Answer: AB
Question #8 (Topic: Single Topic)
There are different Master Keys on Panorama and managed firewalls.
What is the result if a Panorama Administrator pushes configuration to managed firewalls?
What is the result if a Panorama Administrator pushes configuration to managed firewalls?
A. The push operation will fail regardless of an error or not within the configuration itself
B. Provided thereג€™s no error within the configuration to be pushed, the push will succeed
C. The Master Key from the managed firewalls will be overwritten with the Master Key from Panorama
D. There will be a popup to ask if the Master Key from the Panorama should replace the Master Key from the managed firewalls
Answer: A
Question #9 (Topic: Single Topic)
Which task would be identified in Best Practice Assessment tool?
A. identify the visibility and presence of command-and-control sessions
B. identify sanctioned and unsanctioned SaaS applications
C. identify the threats associated with each application
D. identify and provide recommendations for device management access
Answer: B
Question #10 (Topic: Single Topic)
A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds.
How is this goal accomplished?
How is this goal accomplished?
A. Create a custom spyware signature matching the known signature with the time attribute
B. Add a correlation object that tracks the occurrences and triggers above the desired threshold
C. Submit a request to Palo Alto Networks to change the behavior at the next update
D. Configure the Anti-Spyware profile with the number of rule counts to match the occurrence frequency
Answer: A
