PSE-STRATA-ASSOCIATE Online Practice Questions and Answers

Which feature allows a customer to gain visibility and respond to changes in user behavior or potential threats without manual policy changes?

A. User-ID agent

B. dynamic user groups (DUGs)

C. Lightweight Directory Access Protocol (LDAP) sync

D. dynamic address objects

Which section of a Security Lifecycle Review (SLR) report summarizes risk exposure by breaking down a detected attack on the network?

A. Advanced URL Filtering Analysis

B. SaaSApplications

C. Threats at a Glance

D. Applications that Introduce Risk

What is a technical benefit of User-ID in relation to policy control?

A. It matches traffic against policy to check whether it is allowed on the network.

B. It allows all users to designate view-only access to itinerant personnel.

C. It improves safe enablement of applications traversing the network.

D. It encrypts all private keys and passwords in the configuration.

A Human Resources (HR) application has the URL of https://hr.company.com:4433/.

How should the "Service" column of the Security policy be set to match and permit this application?

A. Define and then select a new custom Transmission Control Protocol (TCP) service with port 4433.

B. Edit "service-https" to use port 4433.

C. Set to "service-http".

D. Set to "application-defaults," which will locate and match the HR application.

Which path will generate a stats dump file on a Palo Alto Networks Next-Generation Firewall (NGFW)?

A. Device > Support > Generate Statsdump

B. Device > Statsdump > Generate Statsdump

C. Device > SLR > Generate Statsdump

D. Device > Files > Generate Statsdump

Which three of the following arefeatures of the Palo Alto Networks Next-Generation Firewall (NGFW) that differentiate it from a stateful inspection firewall? (Choose three.)

Select 3 Correct Responses

A. Login-ID

B. User-ID

C. App-ID

D. Network-ID

E. SSL/SSH Decrypt

Which of the following is an advantage of the Palo Alto Networks Next-Generation Firewall (NGFW)?

A. Docker containerscan be run on the hardware to add features.

B. It identifies applications by port number and protocol.

C. It is well positioned in the network to do more than provide access control.

D. Customers can create their own mix of security vendor products.

The ability of a Next-Generation Firewall (NGFW) to logically group physical and virtual interfaces and then control traffic based on that grouping is known aswhat?

A. LLDP profiles

B. security zones

C. DHCP groups

D. security profile groups

What file is needed from a firewall to generate a Security Lifecycle Review (SLR) report when creating the SLR?

A. tech support file

B. Panorama plugin registration file

C. stats dump file

D. system process core file

Which deployment method is used to integrate a firewall to be inline in an existing network but does not support additional routing or switching?

A. virtual wire

B. TAP mode

C. Layer 3

D. Layer 2