Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Download Latest PSE-Strata-Pro-24 Questions

Palo Alto Networks Systems Engineer Professional - Hardware Firewall Questions and Answers

Question 9

What does Policy Optimizer allow a systems engineer to do for an NGFW?

Options:

A.

Recommend best practices on new policy creation

B.

Show unused licenses for Cloud-Delivered Security Services (CDSS) subscriptions and firewalls

C.

Identify Security policy rules with unused applications

D.

Act as a migration tool to import policies from third-party vendors

Question 10

Which use case is valid for Palo Alto Networks Next-Generation Firewalls (NGFWs)?

Options:

A.

Code-embedded NGFWs provide enhanced internet of things (IoT) security by allowing PAN-OS code to be run on devices that do not support embedded virtual machine (VM) images.

B.

Serverless NGFW code security provides public cloud security for code-only deployments that do not leverage virtual machine (VM) instances or containerized services.

C.

IT/OT segmentation firewalls allow operational technology resources in plant networks to securely interface with IT resources in the corporate network.

D.

PAN-OS GlobalProtect gateways allow companies to run malware and exploit prevention modules on their endpoints without installing endpoint agents.

Question 11

Which technique is an example of a DNS attack that Advanced DNS Security can detect and prevent?

Options:

A.

High entropy DNS domains

B.

Polymorphic DNS

C.

CNAME cloaking

D.

DNS domain rebranding

Question 12

Which two methods are valid ways to populate user-to-IP mappings? (Choose two.)

Options:

A.

XML API

B.

Captive portal

C.

User-ID

D.

SCP log ingestion