[2023年02月21日] 最新のPSE-SASE試験の的確なPalo Alto Networks Accredited Systems Engineer (PSE) - SASE ProfessionalのPDF問題
PSE-SASE試験問題を練習するならGoShiken顕著なPalo Alto Networks Accredited Systems Engineer (PSE) - SASE Professional試験練習問題集
質問 17
Which CLI command allows visibility into SD-WAN events such as path selection and path quality measurements?
- A. >show sdwan event
- B. >show sdwan connection all |
- C. >show sdwan path-monitor stats vif
- D. >show sdwan session distribution policy-name
正解: A
質問 18
Which type of access allows unmanaged endpoints to access secured on-premises applications?
- A. manual external gateway
- B. Prisma Access Clientless VPN
- C. secure web gateway (SWG)
- D. GlobalProtect VPN for remote access
正解: B
質問 19
What are two ways service connections and remote network connections differ? (Choose two.)
- A. Remote network connections provide secondary WAN options, but service connections use backup service connection for redundancy.
- B. Service connections support both OSPF and BGP for routing protocols, but remote networks support only BGP.
- C. An on-premises resource cannot originate a connection to the internet over a service connection.
- D. Remote network connections enforce security policies, but service connections do not.
正解: A
質問 20
What happens when SaaS Security sees a new or unknown SaaS application?
- A. It forwards the application for WildFire analysis.
- B. It generates alerts regarding changes in performance.
- C. It uses machine learning (ML) to classify the application.
- D. It extends the branch perimeter to the closest node with high performance.
正解: A
質問 21
Which product continuously monitors each segment from the endpoint to the application and identifies baseline metrics for each application?
- A. Autonomous Digital Experience Management (ADEM)
- B. CloudBlades
- C. WildFire
- D. App-ID Cloud Engine (ACE)
正解: A
質問 22
Which statement describes the data loss prevention (DLP) add-on?
- A. It enables data sharing with third-party tools such as security information and event management (SIEM) systems.
- B. It employs automated policy enforcement to allow trusted behavior with a new Device-ID policy construct.
- C. It is a centrally delivered cloud service with unified detection policies that can be embedded in existing control points.
- D. It prevents phishing attacks by controlling the sites to which users can submit valid corporate credentials.
正解: C
質問 23
Organizations that require remote browser isolation (RBI) to protect their users can automate connectivity to third-party RBI products with which platform?
- A. GlobalProtect
- B. SaaS Security API
- C. CloudBlades API
- D. Zero Trust
正解: D
質問 24
Which element of a secure access service edge (SASE)-enabled network provides true integration of services, not service chains, with combined services and visibility for all locations, mobile users, and the cloud?
- A. converged WAN edge and network security
- B. identity and network location
- C. broad network-edge support
- D. cloud-native, cloud-based delivery
正解: D
質問 25
What is a benefit of deploying secure access service edge (SASE) with a secure web gateway (SWG) over a SASE solution without a SWG?
- A. Protection is offered in the cloud through a unified platform for complete visibility and precise control over web access while enforcing security policies that protect users from hostile websites.
- B. It prepares the keys and certificates required for decryption, creating decryption profiles and policies, and configuring decryption port mirroring.
- C. A heartbeat connection between the firewall peers ensures seamless failover in the event that a peer goes down.
- D. It creates tunnels that allow users and systems to connect securely over a public network as if they were connecting over a local area network (LAN).
正解: A
質問 26
A customer currently uses a third-party proxy solution for client endpoints and would like to migrate to Prisma Access to secure mobile user internet-bound traffic.
Which recommendation should the Systems Engineer make to this customer?
- A. With the mobile user license, set up a corporate access node.
- B. With the mobile user license, set up explicit proxy.
- C. With the explicit proxy license, set up a service connection.
- D. With the explicit proxy license add-on, set up GlobalProtect.
正解: B
質問 27
What is a benefit of the Palo Alto Networks secure access service edge (SASE) solution's ability to provide insight into SD-WAN and network security metrics while highlighting critical issues across all managed tenants?
- A. It simplifies workflows and instantly automates common use cases with hundreds of prebuilt playbooks.
- B. It helps protect inbound, outbound, and east-west traffic between container workload types in Kubernetes environments without slowing development speed.
- C. It helps managed service providers (MSPs) accelerate troubleshooting and meet service level agreements (SLAs) for all their customers.
- D. It rearchitects the way signatures are delivered, performing updates and streaming them to the firewall within seconds after the analysis is done.
正解: C
質問 28
How can a network engineer export all flow logs and security actions to a security information and event management (SIEM) system?
- A. Use the centralized flow data-export tool built into the controller.
- B. Use a zone-based firewall to export directly through application program interface (API) to the SIEM.
- C. Enable Simple Network Management Protocol (SNMP) on the Instant-On Network (ION) device.
- D. Enable syslog on the Instant-On Network (ION) device.
正解: D
質問 29
What are two benefits provided to an organization using a secure web gateway (SWG)? (Choose two.)
- A. Access to inappropriate websites or content is blocked based on acceptable use policies.
- B. An encrypted challenge-response mechanism obtains user credentials from the browser.
- C. Security policies for making internet access safer are enforced.
- D. VPNs remain connected, reducing user risk exposure.
正解: A,C
質問 30
What is an advantage of the unified approach of the Palo Alto Networks secure access service edge (SASE) platform over the use of multiple point products?
- A. It allows for automation of ticketing tasks and management of tickets without pivoting between various consoles.
- B. It turns threat intelligence and external attack surface data into an intelligent data foundation to dramatically accelerate threat response.
- C. It scans all traffic, ports, and protocols and automatically discovers new apps.
- D. It reduces network and security complexity while increasing organizational agility.
正解: D
質問 31
The Cortex Data Lake sizing calculator for Prisma Access requires which three values as inputs? (Choose three.)
- A. retention period for the logs to be stored
- B. number of mobile users purchased
- C. number of log-forwarding destinations
- D. cloud-managed or Panorama-managed deployment
- E. throughput of remote networks purchased
正解: A,B,E
質問 32
How does a secure web gateway (SWG) protect users from web-based threats while still enforcing corporate acceptable use policies?
- A. It uses a cloud-based machine learning (ML)-powered web security engine to perform ML-based inspection of web traffic in real-time.
- B. Users access the SWG, which then connects the user to the website while still performing security measures.
- C. It prompts the browser to present a valid client certificate to authenticate the user.
- D. Users are mapped via server logs for login events and syslog messages from authenticating services.
正解: B
質問 33
A customer currently has 150 Mbps of capacity at a site. Records show that, on average, a total of 30 Mbps of bandwidth is used for the two links.
What is the appropriate Prisma SD-WAN license for this site?
- A. 250 Mbps
- B. 175 Mbps
- C. 50 Mbps
- D. 25 Mbps
正解: C
質問 34
Which App Response Time metric measures the amount of time it takes to transfer incoming data from an external server to a local client?
- A. UDP Response Time (UDP-TRT)
- B. Round Trip Time (RTT)
- C. Server Response Time (SRT)
- D. Network Transfer Time (NTTn)
正解: B
質問 35
......
試験問題と解答はPSE-SASE学習ガイド問題解答:https://www.goshiken.com/Palo-Alto-Networks/PSE-SASE-mondaishu.html