Top Palo Alto Networks PSE-PrismaCloud Courses Online - Updated [Oct-2023]
PSE-PrismaCloud Practice Dumps - Verified By PassTorrent Updated 62 Questions
The PSE-PrismaCloud certification exam is an online, proctored exam that consists of 65 multiple-choice questions. PSE-PrismaCloud exam covers a range of topics, including cloud security, Prisma Cloud functions, and best practices for using the platform. PSE-PrismaCloud exam is designed to test your understanding of the Prisma Cloud platform and your ability to apply this knowledge in real-world scenarios.
NEW QUESTION # 27
Which three features are not supported by VM-Series NGFWs on Azure Stack? (Choose three.)
- A. Azure Application Insight
- B. ARM Template
- C. Azure Security Center
- D. Resource Group
- E. Bootstrapping
Answer: A,B,E
NEW QUESTION # 28
Which three types of security checks can Prisma Public Cloud perform? (Choose three.)
- A. network where
- B. user where
- C. compliance where
- D. config where
- E. event where
Answer: A,C,E
NEW QUESTION # 29
What resource is required to receive inbound traffic from the internet to VM-Series NGFW deployed as a gateway for Azure Stack workloads?
- A. NAT appliance
- B. Public IP for the VM-Series NGFW
- C. Azure Stack Edge Router
- D. Border Customer Network
Answer: A
NEW QUESTION # 30
How can you use Prisma Public Cloud to identify Amazon EC2 instances that have been tagged as "Private?
- A. Open the Asset Dashboard, filter on tags: and choose "Private."
- B. Create an RQL config query to identify resources with the tag "Private."
- C. Generate a CIS compliance report and review the "Asset Summary."
- D. Create an RQL network query to identify traffic from resources tagged "Private."
Answer: D
NEW QUESTION # 31
Prisma Public Cloud enables compliance monitoring and reporting by mapping which configurations to compliance standards?
- A. policies
- B. notification templates
- C. alert rules
- D. RQL queries
Answer: A
NEW QUESTION # 32
An administrator deploys a VM-Series firewall into Amazon Web Services. Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?
- A. tags
- B. elastic ip address
- C. security group
- D. source/destination checking
Answer: D
Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/de
NEW QUESTION # 33
Which framework in Prisma Public Cloud can be used to provide general best practices when no specific legal requirements or regulatory standards need to be met?
- A. HIPAA
- B. GDPR
- C. Payment Card Industry DSS V3
- D. CIS Benchmark
Answer: D
NEW QUESTION # 34
What are two ways to enable interface swap when deploying a VM-Series NGFW in Google Cloud Platform?
(Choose two.)
- A. run the PAN-OS CLI command: set system mgmt-interface-swap setting enable yes
- B. create a bootstrap file that includes the mgmt-interface-swap command
- C. run the PAN-OS CLI command: set system mgmt-interface-swap enable yes
- D. in the Google Cloud Console Metadata Field, enter a key-value pair where mgmt-interface-swap is the key and enable is the value
Answer: B,D
Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-google
NEW QUESTION # 35
Which three features are not supported by VM-Series NGFWs on Azure Stack? (Choose three.)
- A. Azure Application Insight
- B. Azure Security Center
- C. ARM Template
- D. Resource Group
- E. Bootstrapping
Answer: A,B,E
NEW QUESTION # 36
Which RQL string monitors all traffic from the Internet and Suspicious IPs destined for your Amazon Web Services databases?
- A. network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest resource IN (resource where role IN ('AWS RDS'. 'Database'))
- B. network where dest.resource IN (resource where role = 'Database'}
- C. network where source.publicnetwork IN ('Suspicious IPs') and dest.resource IN (resource where role IN ('AWS RDS', 'Database'))
- D. network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('LDAP'))
Answer: A
NEW QUESTION # 37
Based on the diagram, prioritize the order in which the Virtual Gateway evaluates the best route based on the deterministic B6P Path selection process.
Answer:
Explanation:
Explanation
longest, shortest, path, lowest multi, lowest peer
NEW QUESTION # 38
A client has a sensitive internet-facing application server in Microsoft Azure and is concerned about resource exhaustion because of distributed denial-of-service attacks What can be configured on the VM-Series firewall to specifically protect this server against this type of attack?
- A. QoS Profile to limit incoming requests
- B. Zone Protection Profile
- C. Custom threat signature
- D. DoS Protection Profile with specific session counts
Answer: B
NEW QUESTION # 39
What resource is required to receive inbound traffic from the internet to VM-Series NGFW deployed as a gateway for Azure Stack workloads?
- A. Public IP for the VM-Series NGFW
- B. Border Customer Network
- C. Azure Stack Edge Router
- D. NAT appliance
Answer: C
NEW QUESTION # 40
What are three examples of outbound traffic flow? (Choose three.)
- A. Microsoft Windows inside Azure requesting a security patch
- B. outgoing Prisma Public Cloud API calls
- C. issue apt-get install command on an instance inside Amazon Web Services
- D. issue yum update command on an instance inside Amazon Web Services
- E. web server inside Amazon Web Services receiving web requests from internet
Answer: B,C,D
NEW QUESTION # 41
What is required for an EC2 instance to access the internet directly from an AWS VPC?
- A. Internet Gateway
- B. Customer Gateway
- C. Transit Gateway
- D. Virtual Private Gateway
Answer: C
NEW QUESTION # 42
......
New (2023) Palo Alto Networks PSE-PrismaCloud Exam Dumps: https://www.passtorrent.com/PSE-PrismaCloud-latest-torrent.html
Updated PSE-PrismaCloud Exam Dumps - PDF Questions and Testing Engine: https://drive.google.com/open?id=17DrTosiQf9yxOX-jQpTUE1DDL4-7gaLk