PSE-STRATA-ASSOCIATE Online Practice Questions and Answers

Which traffic will be blocked when application-default service is set on a Security policy?

A. SSH traffic on TCP/22

B. HTTPS traffic on TCP/443

C. HTTP traffic on TCP/81

D. DNS traffic on UDP/53

Which two of the following are ways that Palo Alto Networks CloudDelivered Security Services (CDSS) use confidential information collected from users? (Choose two.)

Select 2 Correct Responses

A. legal compliance

B. attack retaliation attribution

C. verification of entitlements

D. verification of applicant statements

Which of the following statements applies to WildFire Public Cloud verdicts?

A. They are unique to the affected Next-Generation Firewall (NGFW).

B. They are shared globally with all WildFire customers.

C. They must be manually downloaded from the WildFire portal.

D. They are automatically shared with third-party firewall vendors.

Which three key functions are processed as part of the Palo Alto Networks single-pass architecture (SPA)?

(Choose three.)

Select 3 Correct Responses

A. User-ID

B. Content-ID

C. Intruder-ID

D. Device-ID

E. Virus-ID

When deploying an Eval Next-Generation Firewall (NGFW) within a customer environment for the purpose of generating a Security Lifecycle Review (SLR) report, creation of which interface will not impact production traffic?

A. Layer 3 interface

B. SLR interface

C. virtual wire interface

D. TAP interface

To use App-ID effectively in Security policies, which three best practices should be followed? (Choose three.)

Select 3 Correct Responses

A. Use Expedition to migrate aport-based policy to PAN-OS.

B. Whenever possible, enable App-ID override.

C. Use phased transition to safely enable applications.

D. Use Policy Optimizer to migrate to an application-based policy.

E. After the application is specified in policy, set the 7service to "any".

Which path will generate a stats dump file on a Palo Alto Networks Next-Generation Firewall (NGFW)?

A. Device > Support > Generate Statsdump

B. Device > Statsdump > Generate Statsdump

C. Device > SLR > Generate Statsdump

D. Device > Files > Generate Statsdump

Which three of the following arefeatures of the Palo Alto Networks Next-Generation Firewall (NGFW) that differentiate it from a stateful inspection firewall? (Choose three.)

Select 3 Correct Responses

A. Login-ID

B. User-ID

C. App-ID

D. Network-ID

E. SSL/SSH Decrypt

The ability of a Next-Generation Firewall (NGFW) to logically group physical and virtual interfaces and then control traffic based on that grouping is known aswhat?

A. LLDP profiles

B. security zones

C. DHCP groups

D. security profile groups

What file is needed from a firewall to generate a Security Lifecycle Review (SLR) report when creating the SLR?

A. tech support file

B. Panorama plugin registration file

C. stats dump file

D. system process core file