PSE-PRISMACLOUD Online Practice Questions and Answers
When protecting against attempts to exploit client-side and server-side vulnerabilities, what is the Palo Alto Networks best practice when using NGFW Vulnerability Protection Profiles?
A. Use the default Vulnerability Protection Profile to protect clients from all known critical, high, and medium-severity threats
B. Clone the predefined Strict Profile, with packet capture settings disabled
C. Use the default Vulnerability Protection Profile to protect servers from all known critical, high, and medium-severity threats
D. Clone the predefined Strict Profile, with packet capture settings enabled
Which regulatory framework in Prisma Public Cloud measures compliance with EU data privacy regulations in Amazon Web Services workloads?
A. GDPR
B. EU Data Protection Directive 95/46/EC
C. ISO 27001
D. Payment Card Industry 3.0
Which two cloud providers support Load Balancers as next hop configurations for outbound connections? (Choose two.)
A. Google Cloud Platform
B. Microsoft Azure
C. Oracle Cloud
D. Amazon Web Services
The customer has an Amazon Web Services Elastic Computing Cloud that provides a service to the internet directly and needs to secure that cloud with a VM-Series NGFW. Which component handles address translation?
A. The server VMs have private use only (RFC 1918) IPs. Amazon's cloud infrastructure translates those addresses to publicly accessible IP addresses. The VM-Series NGFW has publicly accessible IP addresses.
B. The server VMs have private use only (RFC 1918) IPs. The VM-Series NGFW translates those addresses to publicly accessible IP addresses.
C. The server VMs and the VM-Series NGFW have private use only (RFC 1918) IPs. Amazons cloud infrastructure translates those addresses to publicly accessible IP addresses
D. The servers and VM-Series NGFW have publicly accessible IP addresses for management purposes.
Which three services can Google Cloud Security Scanner assess? (Choose three.)
A. Google Kubernetes Engine
B. BigQuery
C. Compute Engine
D. App Engine
E. Google Virtual Private Cloud
A customer has just launched a Palo Alto Networks VM-Series NGFW into an Amazon Web Services VPC to protect a cloud hosted application. They are experiencing unpredictable results and have identified that the interfaces on the firewall are in the incorrect order Which PAN-OS CLI command resolves this issue?
A. set system setting mgmt-interface-swap enable yes
B. set mgmt-interface settings swap yes
C. set mgmt-interface swap yes
D. set system setting mgmt-interface swap yes
A client has a sensitive internet-facing application server in Microsoft Azure and is concerned about resource exhaustion because of distributed denial-of-service attacks What can be configured on the VM-Series firewall to specifically protect this server against this type of attack?
A. Custom threat signature
B. Zone Protection Profile
C. QoS Profile to limit incoming requests
D. DoS Protection Profile with specific session counts
Amazon Web Services WAF can be enabled on which two resources?(Choose two.)
A. AWS CDN
B. AWS NAT Gateway
C. AWS ALB
D. AWS NLB
Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?
A. Palo Alto Networks provides full support if a valid support license is in place.
B. Support for the templates is available through Professional Services from Palo Alto Networks.
C. Unless otherwise noted, these templates are released under an as-is. best effort support policy.
D. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.