Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Paloalto Networks PSE-SASE - Palo Alto Networks System Engineer Professional - SASE Exam

Paloalto Networks PSE-SASE Premium Access     Download Demo    
Page: 1 / 2
Total 65 questions

Which element of a secure access service edge (SASE)-enabled network provides true integration of services, not service chains, with combined services and visibility for all locations, mobile users, and the cloud?

A.

identity and network location

B.

broad network-edge support

C.

converged WAN edge and network security

D.

cloud-native, cloud-based delivery

What is an advantage of the Palo Alto Networks cloud-based security infrastructure?

A.

It provides comprehensive, scalable cloud security with flexible licensing options.

B.

It backhauls traffic to the corporate network.

C.

It allows for the elimination of data centers within five years of implementation.

D.

It increases the footprint of the security solution.

How can a network engineer export all flow logs and security actions to a security information and event management (SIEM) system?

A.

Enable syslog on the Instant-On Network (ION) device.

B.

Use a zone-based firewall to export directly through application program interface (API) to the SIEM.

C.

Enable Simple Network Management Protocol (SNMP) on the Instant-On Network (ION) device.

D.

Use the centralized flow data-export tool built into the controller.

What is a disadvantage of proxy secure access service edge (SASE) when compared to an inline SASE solution?

A.

Proxies force policy actions to be treated as business decisions instead of compromises due to technical limitations.

B.

Teams added additional tools to web proxies that promised to solve point problems, resulting in a fragmented and ineffective security architecture.

C.

Proxy solutions require an unprecedented level of interconnectivity.

D.

Exclusive use of web proxies leads to significant blind spots in traffic and an inability to identify applications and threats on non-standard ports or across multiple protocols.

In which step of the Five-Step Methodology for implementing the Zero Trust model is the Kipling Method relevant?

A.

Step 3: Architect a Zero Trust network

B.

Step 5: Monitor and maintain the network

C.

Step 4: Create the Zero Trust policy

D.

Step 2: Map the transaction flows

Which product enables organizations to open unknown files in a sandbox environment and scan them for malware or other threats?

A.

network sandbox

B.

SD-WAN

C.

cloud access security broker (CASB)

D.

remote browser isolation

Which two actions take place after Prisma SD-WAN Instant-On Network (ION) devices have been deployed at a site? (Choose two.)

A.

The devices continually sync the information from directories, whether they are on-premise, cloud-based, or hybrid.

B.

The devices establish VPNs over private WAN circuits that share a common service provider.

C.

The devices automatically establish a VPN to the data centers over every internet circuit.

D.

The devices provide an abstraction layer between the Prisma SD-WAN controller and a particular cloud service.

Which element of Prisma Access enables both mobile users and users at branch networks to access resources in headquarters or a data center?

A.

User-ID

B.

private clouds

C.

App-ID

D.

service connections

What are two benefits of installing hardware fail-to-wire port pairs on Instant-On Network (ION) devices? (Choose two.)

A.

local area network (LAN) Dynamic Host Configuration Protocol (DHCP) and DHCP relay functionality

B.

control mode insertion without modification of existing network configuration

C.

network controller communication and monitoring

D.

ensures automatic failover when ION devices experience software or network related failure

Which two services are part of the Palo Alto Networks cloud-delivered security services (CDSS) package? (Choose two.)

A.

virtual desktop infrastructure (VDI)

B.

Internet of Things (IoT) Security

C.

Advanced URL Filtering (AURLF)

D.

security information and event management (SIEM)