PSE-STRATA Exam Questions

An Administrator needs a PDF summary report that contains information compiled from existing reports based on data for the Top five(5) in each category. Which two timeframe options...

The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile informatio...

Which Palo Alto Networks pre-sales tool involves approximately 4 hour interview to discuss a customer's current security posture?

Access to a business site is blocked by URL Filtering inline machine learning (ML) and considered as a false-positive. How should the site be made available?

Which two features can be enabled to support asymmetric routing with redundancy on a Palo Alto networks next-generation firewall (NGFW)? (Choose two.)

Which three mechanisms are valid for enabling user mapping? (Choose three.)

Which three of the following actions must be taken to enable Credential Phishing Prevention? (Choose three.)

Which two configuration elements can be used to prevent abuse of stolen credentials? (Choose two.)

What are two benefits of the sinkhole Internet Protocol (IP) address that DNS Security sends to the client in place of malicious IP addresses? (Choose two.)

A customer worried about unknown attacks is hesitant to enable SSL decryption due to privacy and regulatory issues. How does the platform address the customer's concern?

WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto N...

A Fortune 500 customer has expressed interest in purchasing WildFire; however, they do not want to send discovered malware outside of their network. Which version of WildFire will...

Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

A customer is starting to understand their Zero Trust protect surface using the Palo Alto Networks Zero Trust reference architecture. What are two steps in this process? (Choose tw...

Which proprietary technology solutions will allow a customer to identify and control traffic sources regardless of internet protocol (IP) address or network segment?

When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can be logged?

Which statement applies to Palo Alto Networks Single Pass Parallel Processing (SP3)?

WildFire can discover zero-day malware in which three types of traffic? (Choose three)

In Panorama, which three reports or logs will help identify the inclusion of a host source in a command-and-control (C2) incident? (Choose three.)

What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?

Which of the following statements is valid with regard to Domain Name System (DNS) sinkholing?

A customer with a fully licensed Palo Alto Networks firewall is concerned about threats based on domain generation algorithms (DGAS). Which Security profile is used to configure Do...

Which three actions should be taken before deploying a firewall evaluation unt in a customer environment? (Choose three.)

Which statement best describes the business value of Palo Alto Networks Zero Touch Provisioning (ZTP)?

In PAN-OS 10.0 and later, DNS Security allows policy actions to be applied based on which three domains? (Choose three.)

What will best enhance security of a production online system while minimizing the impact for the existing network?

Which Security profile on the Next-Generation Firewall (NGFW) includes Signatures to protect against brute force attacks?

A prospective customer currently uses a firewall that provides only Layer 4 inspection and protections. The customer sees traffic going to an external destination, port 53, but can...

Which solution informs a customer concerned about zero-day targeted attacks whether an attack is specifically targeted at its property?

A customer requires protections and verdicts for portable executable (PE) and executable and linkable format (ELF), as well as the ability to integrate with existing security tools...

A WildFire subscription is required for which two of the following activities? (Choose two)

Within the Five-Step Methodology of Zero Trust, in which step would application access and user access be defined?

Which two features are key in preventing unknown targeted attacks? (Choose two)

A customer is designing a private data center to host their new web application along with a separate headquarters for users. Which cloud-delivered security service (CDSS) would be...

Which two methods are used to check for Corporate Credential Submissions? (Choose two.)

Which CLI command allows visibility into SD-WAN events such as path Selection and path quality measurements?

A customer requires an analytics tool with the following attributes: - Uses the logs on the firewall to detect actionable events on the network - Automatically processes a series o...

What are three key benefits of the Palo Alto Networks platform approach to security? (Choose three)

Which Palo Alto Networks security component should an administrator use to and NGFW policies to remote users?

The ability to prevent users from resolving internet protocol (IP) addresses to malicious, grayware, or newly registered domains is provided by which Security service?

in which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data, applications, assets, and services (DAAS) be identified?

Which built-in feature of PAN-OS allows the NGFW administrator to create a policy that provides autoremediation for anomalous user behavior and malicious activity while maintaining...

What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?

What is the default behavior in PAN-OS when a 12 MB portable executable (PE) fe is forwarded to the WildFire cloud service?

What is an advantage of having WildFire machine learning (ML) capability Inline on the firewall?

Which three script types can be analyzed in WildFire? (Choose three)

What are two ways to manually add and remove members of dynamic user groups (DUGs)? (Choose two)

A packet that is already associated with a current session arrives at the firewall. What is the flow of the packet after the firewall determines that it is matched with an existing...

What helps avoid split brain in active / passive high availability (HA) pair deployment?

The Palo Ao Networks Cloud Identity Engino (CIE) includes which service that supports identity Providers (ldP)?