PSE-STRATA Exam Questions

Which component is needed for a large-scale deployment of NGFWs with multiple Panorama Management Servers?

What is the correct behavior when a Palo Alto Networks next-generation firewall (NGFW) is unable to retrieve a DNS verdict from DNS service cloud in the configured lookup time?

What is an advantage public cloud WildFire has over the private WildFire appliance?

Which two platform components can identify and protect against malicious email links? (Choose two.)

A potential customer requires an NGFW solution that enables high-throughput, low-latency network security and also inspects the application. Which aspect of the Palo Alto Networks...

Which task would be included in the Best Practice Assessment (BPA) tool?

What is the key benefit of Palo Alto Networks single-pass architecture (SPA) design?

Which two actions should be taken prior to installing a decryption policy on an NGFW? (Choose two.)

Which two statements correctly describe what a Network Packet Broker does for a Palo Alto Networks NGFW? (Choose two.)

A large number of next-generation firewalls (NGFWs), along with Panorama and WildFire have been positioned for a prospective customer. The customer is concerned about storing retri...

What is used to choose the best path on a virtual router that has two or more different routes to the same destination?

A prospective customer wants to purchase a next-generation firewall (NGFW) and requires at least 2 million concurrent sessions with a minimum of 10Gbps of throughput with threat de...

What does WildFire block on a next-generation firewall (NGFW) that already has Advanced Threat Prevention (ATP) enabled?

A customer next-generation firewall (NGFW) proof-of-concept (POC) and final presentation have just been completed. Which CLI command is used to clear data, remove all logs, and res...

Which decryption requirement ensures that inspection can be provided to all inbound traffic routed to internal application and database servers?

Which statement describes how Palo Alto Networks can eliminate implicit user trust, regardless of user location?

Which two interface types can be associated to a virtual router? (Choose two.)

If a Palo Alto Networks Next-Generation Firewall (NGFW) already has Advanced Threat Prevention (ATP) enabled what is the throughput impact of also enabling Wildfire and Advanced UR...

Which two of the following are required when configuring the Domain Credential Filter method for preventing phishing attacks? (Choose two.)

Which Cloud Identity Engine service should be discussed if a prospect indicates they have an identity provider (IdP) that supports SAML 2.0?

What is a key benefit of the Single Pass Architecture (SPA) in PAN-OS?

A prospective customer with a limited budget has a remote office with 10 users and wants routing path redundancy. What should be recommended for this prospect?

Which Cloud-Delivered Security Service (CDSS) subscription will best help prevent an office location with more than 900 users from falling victim to phishing?

Which subscription allows for potential identification of zero-day malware?

Which tool can review an imported configuration and assist with identifying which application- based rules should be implemented?

Which step is necessary at the end of a proof-of-concept engagement?

Which deployment option of Advanced URL Filtering (AURLF) would help a prospect that actively uses PAC files?

What allows verification of machine learning (ML) functionality for WildFire during a proof of concept?

Which PAN-OS feature helps prevent user credential theft?