Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Paloalto Networks PSE-StrataDC - Palo Alto Networks System Engineer Professional - Strata Data Center

Paloalto Networks PSE-StrataDC Premium Access     Download Demo    
Page: 1 / 2
Total 60 questions

A single VM runs a web server and a DNS server A separate VM needs to access the DNS server, but is not allowed to access the web server What network control functionality is necessary to enforce this security posture'?

A.

can use a Palo Alto Networks NGFW for this requirement, but not a port filter firewall.

B.

can use either a Palo Alto Networks NGFW or a port filler firewall for this requirement.

C.

can use a port filter firewall for this requirement but not the Palo Alto Networks NGFW.

D.

can use a specialized VM with advanced threat protection for this requirement

A company allows employees some personal use of the internet during work time However the CEO is concerned that employees are using too much of the bandwidth for YouTube. thus causing a performance problem. Which section of the SLR could confirm or allay this concern?

A.

Categories with the Most Applications

B.

Categories Consuming the Most Bandwidth

C.

Bandwidth Consumed by Applications

D.

High-Risk Applications

Which VM-Series can be deployed on VMware NSX?

A.

VM-100, VM-200, VM-300. VM-500. VM-1000-HV

B.

VM-50r VM-100, VM-200, VM-300, VM-500

C.

VM-100, VM-200, VM-300, VM-500, VM-700

D.

All VM Series Models can be deployed on VMware NSX

Which are two use cases for HSCI ports on the SMC module on PA-7000 Series? (Choose two )

A.

HA1 backup link in active/active HA

B.

HA1 link in active/passive HA

C.

HA3 link in active/active HA

D.

HA2 link in active/passive HA

Is vulnerability analysis against images in the registry sufficient for security?

A.

Yes, containers do not have unique vulnerabilities.

B.

No, you should do vulnerability analysis only against the running containers, which are vulnerable.

C.

Yes, you are ensuring that the images the containers are based on are secure.

D.

No, you need to do analysis in the CI system, in the registry, and against instantiated containers

Why are containers uniquely suitable for whitelist-based runtime security?

A.

Developers typically define the processes used in their containers within the Dockerfile

B.

Docker has a built-in runtime analysis capability to aid in whitelisting.

C.

Containers typically have only a few defined processes that should ever be executed.

D.

Operations teams typically know what processes are used within a container

In a VMware deployment, in order for the customer to get maximum performance out of a VM-700 firewall in PAN-OS 8 x how many virtual CPU cores can be used?

A.

8

B.

3

C.

32

D.

16

How does Palo Alto Networks integrate with VXLAN tagging?

A.

does not integrate with VXLAN tagging, so virtual appliances cannot be provided, but hardware appliances can be offered at the data center gateway border

B.

integrates with VXLAN. but scripting is necessary, and Professional Services should be engaged

C.

integrates fully into VXLAN architectures if they are provided by VMware

D.

does not integrate natively with VXLAN tagging, network equipment can convert VXLAN flows to VLANs and send those VLANs to Palo Alto Networks firewalls

When deploying VM series on NSX platform to support micro-segmentation, which statement is NOT correct?

A.

VM-Series uses NetX API to receive and send packets

B.

Traffic steering rules could be defined on Panorama and pushed to NSX Manager

C.

VM-Series provide Multi-tenancy support with multiple zones

D.

One panorama could support to connect with only one NSX manager

What are two types of security that can be implemented across every phase of the Build, Ship, and Run lifecycle of a workload? (Choose two )

A.

Runtime Security

B.

Firewalling

C.

Vulnerability Management

D.

Compliance or Configuration Management