PSE-Strata無料問題集「Palo Alto Networks System Engineer Professional

質問 1

Which built-in feature of PAN-OS allows the NGFW administrator to create a policy that provides autoremediation for anomalous user behavior and malicious activity while maintaining user visibility?

（A）Dynamic user groups (DUGS)

（B）remote device User-ID groups

（C）dynamic address groups (DAGs)

（D）tagging groups

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A customer has business-critical applications that rely on the general web-browsing application. Which security profile can help prevent drive-by-downloads while still allowing web-browsing traffic?

（A）DoS Protection Profile

（B）File Blocking Profile

（C）URL Filtering Profile

（D）Vulnerability Protection Profile

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds.
How is this goal accomplished?

（A）Configure the Anti-Spyware profile with the number of rule counts to match the occurrence frequency

（B）Submit a request to Palo Alto Networks to change the behavior at the next update

（C）Add a correlation object that tracks the occurrences and triggers above the desired threshold

（D）Create a custom spyware signature matching the known signature with the time attribute

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

What is the basis for purchasing Cortex XDR licensing?

（A）volume of logs being processed based on Datalake purchased

（B）unlimited licenses

（C）number of NGFWs

（D）number of nodes and endpoints providing logs

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which three actions should be taken before deploying a firewall evaluation unt in a customer environment?
(Choose three.)

（A）Set expectations for information being presented in the Security Lifecycle Review (SLR) because personal user information will be made visible

（B）Upgrade the evaluation unit to the most current recommended firmware, unless a demo of the upgrade process is planned.

（C）Inform the customer that a SPAN port must be provided for the evaluation unit, assuming a TAP mode deployment.

（D）Request that the customer make part 3978 available to allow the evaluation unit to communicate with Panorama

（E）Reset the evaluation unit to factory default to ensure that data from any previous customer evaluation is removed

正解：A、B、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

in which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data, applications, assets, and services (DAAS) be identified?

（A）Step 4. Create the Zero Trust policy.

（B）Step 2: Map the transaction flows.

（C）Step 1: Define the protect surface

（D）Step 3. Architect a Zero Trust network.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Select the BOM for the Prisma Access, to provide access for 5500 mobile users and 10 remote locations (100Mbps each) for one year, including Base Support and minimal logging. The customer already has 4x PA5220r 8x PA3220,1x Panorama VM for 25 devices.

（A）1x PAN-GPCS-USER-C-BAS-1YR, 1x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-LGS-1TB-1YR

（B）5500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YR, 1x
PAN-LGS-1TB-1YR

（C）5500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YR, 1x
PAN-SVC-BAS-PRA-25. 1x PAN-PRA-25

（D）5500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YRr 1x
PAN-LGS-1TB-1YR, 1x PAN-PRA-25, 1x PAN-SVC-BAS-PRA-25

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which three mechanisms are valid for enabling user mapping? (Choose three.)

（A）Reverse DNS lookup

（B）Captive Portal

（C）User behaviour recognition

（D）Client probing

（E）Domain server monitoring

正解：B、D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through.
Which command returns a valid result to verify the ML is working from the command line.

（A）show mlav cloud-status

（B）show av cloud-status

（C）show wfml cloud-status

（D）show ml cloud-status

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types.
The customer uses a firewall with User-ID enabled
Which feature must also be enabled to prevent these attacks?

（A）Custom App-ID rules

（B）WildFire

（C）App-ID

（D）Content Filtering

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

PSE-Strata 無料問題集「Palo Alto Networks System Engineer Professional - Strata」

弊社を連絡する

関連リンク

トップ試験