PSE-STRATADC Online Practice Questions and Answers
Which option describes Arista's micro-segmentation?
A. Arista and VMware are extending secure segmentation with an open API (RESTZJSON)-based exchange, which allows NSX to federate with CloudVision to extend the micro-segmentation policy for physical workloads.
B. Arista and Kubernetes are extending secure segmentation with an open API (RESTVJSON)-based exchange, which allows Kubernetes to federate with CloudVision to extend the micro-segmentation policy for physical workloads.
C. Arista's micro-segmentation and macro-segmentation are identical concepts that can be used interchangeably
D. Arista and VMware both perform identical functions for NGFW micro-segmentation
Which two OpenStack components areused in the creation of a VM-Series firewall from a heat template in OpenStack? (Choose two)
A. Swift creates the storage resources.
B. Nova creates the firewall instance.
C. Horizon
D. Neutron creates the network resources.
Which three steps are valid for deploying a VM-Series firewall on NSX? (Choose three)
A. create steering policies to redirect traffic to the VM-Series firewall
B. create a vDC and a vApp that includes the VM-Series firewall
C. register the VM-Series firewall as a service
D. obtain the AMI from market place
E. enable communication between Panorama and the NSX Manager
Which three software components have integration for deploying a VM-Series firewall in OpenStack? (Choose three)
A. Mirantis OpenStack distribution
B. Nuage VSP SDN controller
C. VMWare NSX for OpenStack
D. Cisco ACI
E. Contrail SDN controller
Which protocol is used by VMware to encapsulate packets in NSX?
A. VRLAN
B. VXLAN
C. GRE
D. VMLAN
What are two types of security that can be implemented across every phase of the Build, Ship, and Run lifecycle of a workload? (Choose two)
A. Runtime Security
B. Firewalling
C. Vulnerability Management
D. Compliance or Configuration Management
Which interface mode does an administrator use to generate the statdump file that can be converted into an SLR?
A. Virtual Wire
B. TAP
C. Layer 2
D. Layer 3
How does Twistlock offer workload security at runtime?
A. works with the IDP to identify over-privileged containers and services and restricts network access
B. quarantines containers that demonstrate increased CPU and memory usage
C. automatically patches vulnerabilities and compliance issues for every container and service
D. builds a whitelist security model automatically for every container and service
A single VM runs a web server and a DNS server A separate VM needs to access the DNS server, but is
not allowed to access the web server.
What network control functionality is necessary to enforce this security posture?
A. can use a Palo Alto Networks NGFW for this requirement, but not a port filter firewall.
B. can use either a Palo Alto Networks NGFW or a port filler firewall for this requirement.
C. can use a port filter firewall for this requirement but not the Palo Alto Networks NGFW.
D. can use a specialized VM with advanced threat protection for this requirement
What are the differences between Prisma Cloud Enterprise and Prisma Cloud Compute?
A. The only difference is in the architecture - where the Console is hosted.
B. Prisma Cloud Compute offers lowered runtime defensive capabilities because there is no PANW cloud hosted component.
C. Prisma Cloud Enterprise does not offer workload protection.
D. Only Prisma Cloud Compute offers API based cloud protection.