PSE-STRATA-ASSOCIATE Online Practice Questions and Answers

Which feature allows a customer to gain visibility and respond to changes in user behavior or potential threats without manual policy changes?

A. User-ID agent

B. dynamic user groups (DUGs)

C. Lightweight Directory Access Protocol (LDAP) sync

D. dynamic address objects

Which traffic will be blocked when application-default service is set on a Security policy?

A. SSH traffic on TCP/22

B. HTTPS traffic on TCP/443

C. HTTP traffic on TCP/81

D. DNS traffic on UDP/53

Which of the following is an appropriate first step for a customer interested in moving to Zero Trust?

A. Ask administrators to switch on the Zero Trust options and features of their current products.

B. Secure the funding required to incorporate the new architecture into their existing networks.

C. Set priorities by identifying the most valuable and critical assets and data on their networks.

D. Request a statement ofcompliance from their IT vendors against the Zero Trust standard.

Which three key functions are processed as part of the Palo Alto Networks single-pass architecture (SPA)?

(Choose three.)

Select 3 Correct Responses

A. User-ID

B. Content-ID

C. Intruder-ID

D. Device-ID

E. Virus-ID

When deploying an Eval Next-Generation Firewall (NGFW) within a customer environment for the purpose of generating a Security Lifecycle Review (SLR) report, creation of which interface will not impact production traffic?

A. Layer 3 interface

B. SLR interface

C. virtual wire interface

D. TAP interface

In which two of the following scenarios is personal data excluded fromprotection under the General Data Protection Regulation (GDPR)?

Select 2 Correct Responses

A. The data was automated as part of an information filing system.

B. The data was generated in the course of a purely personal or household activity.

C. The data will be used for the prevention of criminal offenses.

D. The data is related to a person's economic or cultural identity.

To use App-ID effectively in Security policies, which three best practices should be followed? (Choose three.)

Select 3 Correct Responses

A. Use Expedition to migrate aport-based policy to PAN-OS.

B. Whenever possible, enable App-ID override.

C. Use phased transition to safely enable applications.

D. Use Policy Optimizer to migrate to an application-based policy.

E. After the application is specified in policy, set the 7service to "any".

Using a comprehensive range of natively-integratedsubscriptions and inline machine learning (ML), what does a Next-Generation Firewall (NGFW) use to prevent known and unknown threats in real time?

A. Cloud Delivered Security Services (CDSS)

B. Cloud Security Posture Management (CSPM)

C. Cloud NativeSecurity Platform (CNSP)

D. Cloud Identity Access Management (CIAM)

Which three of the following arefeatures of the Palo Alto Networks Next-Generation Firewall (NGFW) that differentiate it from a stateful inspection firewall? (Choose three.)

Select 3 Correct Responses

A. Login-ID

B. User-ID

C. App-ID

D. Network-ID

E. SSL/SSH Decrypt

What file is needed from a firewall to generate a Security Lifecycle Review (SLR) report when creating the SLR?

A. tech support file

B. Panorama plugin registration file

C. stats dump file

D. system process core file