• ホーム
  • ブログ
  • [2023年02月21日] 最新のPSE-SASE試験の的確なPalo Alto Networks Accredited Systems Engineer (PSE) - SASE ProfessionalのPDF問題 [Q17-Q35]

[2023年02月21日] 最新のPSE-SASE試験の的確なPalo Alto Networks Accredited Systems Engineer (PSE) - SASE ProfessionalのPDF問題 [Q17-Q35]

Share

[2023年02月21日] 最新のPSE-SASE試験の的確なPalo Alto Networks Accredited Systems Engineer (PSE) - SASE ProfessionalのPDF問題

PSE-SASE試験問題を練習するならGoShiken顕著なPalo Alto Networks Accredited Systems Engineer (PSE) - SASE Professional試験練習問題集

質問 17
Which CLI command allows visibility into SD-WAN events such as path selection and path quality measurements?

  • A. >show sdwan event
  • B. >show sdwan connection all |
  • C. >show sdwan path-monitor stats vif
  • D. >show sdwan session distribution policy-name

正解: A

 

質問 18
Which type of access allows unmanaged endpoints to access secured on-premises applications?

  • A. manual external gateway
  • B. Prisma Access Clientless VPN
  • C. secure web gateway (SWG)
  • D. GlobalProtect VPN for remote access

正解: B

 

質問 19
What are two ways service connections and remote network connections differ? (Choose two.)

  • A. Remote network connections provide secondary WAN options, but service connections use backup service connection for redundancy.
  • B. Service connections support both OSPF and BGP for routing protocols, but remote networks support only BGP.
  • C. An on-premises resource cannot originate a connection to the internet over a service connection.
  • D. Remote network connections enforce security policies, but service connections do not.

正解: A

 

質問 20
What happens when SaaS Security sees a new or unknown SaaS application?

  • A. It forwards the application for WildFire analysis.
  • B. It generates alerts regarding changes in performance.
  • C. It uses machine learning (ML) to classify the application.
  • D. It extends the branch perimeter to the closest node with high performance.

正解: A

 

質問 21
Which product continuously monitors each segment from the endpoint to the application and identifies baseline metrics for each application?

  • A. Autonomous Digital Experience Management (ADEM)
  • B. CloudBlades
  • C. WildFire
  • D. App-ID Cloud Engine (ACE)

正解: A

 

質問 22
Which statement describes the data loss prevention (DLP) add-on?

  • A. It enables data sharing with third-party tools such as security information and event management (SIEM) systems.
  • B. It employs automated policy enforcement to allow trusted behavior with a new Device-ID policy construct.
  • C. It is a centrally delivered cloud service with unified detection policies that can be embedded in existing control points.
  • D. It prevents phishing attacks by controlling the sites to which users can submit valid corporate credentials.

正解: C

 

質問 23
Organizations that require remote browser isolation (RBI) to protect their users can automate connectivity to third-party RBI products with which platform?

  • A. GlobalProtect
  • B. SaaS Security API
  • C. CloudBlades API
  • D. Zero Trust

正解: D

 

質問 24
Which element of a secure access service edge (SASE)-enabled network provides true integration of services, not service chains, with combined services and visibility for all locations, mobile users, and the cloud?

  • A. converged WAN edge and network security
  • B. identity and network location
  • C. broad network-edge support
  • D. cloud-native, cloud-based delivery

正解: D

 

質問 25
What is a benefit of deploying secure access service edge (SASE) with a secure web gateway (SWG) over a SASE solution without a SWG?

  • A. Protection is offered in the cloud through a unified platform for complete visibility and precise control over web access while enforcing security policies that protect users from hostile websites.
  • B. It prepares the keys and certificates required for decryption, creating decryption profiles and policies, and configuring decryption port mirroring.
  • C. A heartbeat connection between the firewall peers ensures seamless failover in the event that a peer goes down.
  • D. It creates tunnels that allow users and systems to connect securely over a public network as if they were connecting over a local area network (LAN).

正解: A

 

質問 26
A customer currently uses a third-party proxy solution for client endpoints and would like to migrate to Prisma Access to secure mobile user internet-bound traffic.
Which recommendation should the Systems Engineer make to this customer?

  • A. With the mobile user license, set up a corporate access node.
  • B. With the mobile user license, set up explicit proxy.
  • C. With the explicit proxy license, set up a service connection.
  • D. With the explicit proxy license add-on, set up GlobalProtect.

正解: B

 

質問 27
What is a benefit of the Palo Alto Networks secure access service edge (SASE) solution's ability to provide insight into SD-WAN and network security metrics while highlighting critical issues across all managed tenants?

  • A. It simplifies workflows and instantly automates common use cases with hundreds of prebuilt playbooks.
  • B. It helps protect inbound, outbound, and east-west traffic between container workload types in Kubernetes environments without slowing development speed.
  • C. It helps managed service providers (MSPs) accelerate troubleshooting and meet service level agreements (SLAs) for all their customers.
  • D. It rearchitects the way signatures are delivered, performing updates and streaming them to the firewall within seconds after the analysis is done.

正解: C

 

質問 28
How can a network engineer export all flow logs and security actions to a security information and event management (SIEM) system?

  • A. Use the centralized flow data-export tool built into the controller.
  • B. Use a zone-based firewall to export directly through application program interface (API) to the SIEM.
  • C. Enable Simple Network Management Protocol (SNMP) on the Instant-On Network (ION) device.
  • D. Enable syslog on the Instant-On Network (ION) device.

正解: D

 

質問 29
What are two benefits provided to an organization using a secure web gateway (SWG)? (Choose two.)

  • A. Access to inappropriate websites or content is blocked based on acceptable use policies.
  • B. An encrypted challenge-response mechanism obtains user credentials from the browser.
  • C. Security policies for making internet access safer are enforced.
  • D. VPNs remain connected, reducing user risk exposure.

正解: A,C

 

質問 30
What is an advantage of the unified approach of the Palo Alto Networks secure access service edge (SASE) platform over the use of multiple point products?

  • A. It allows for automation of ticketing tasks and management of tickets without pivoting between various consoles.
  • B. It turns threat intelligence and external attack surface data into an intelligent data foundation to dramatically accelerate threat response.
  • C. It scans all traffic, ports, and protocols and automatically discovers new apps.
  • D. It reduces network and security complexity while increasing organizational agility.

正解: D

 

質問 31
The Cortex Data Lake sizing calculator for Prisma Access requires which three values as inputs? (Choose three.)

  • A. retention period for the logs to be stored
  • B. number of mobile users purchased
  • C. number of log-forwarding destinations
  • D. cloud-managed or Panorama-managed deployment
  • E. throughput of remote networks purchased

正解: A,B,E

 

質問 32
How does a secure web gateway (SWG) protect users from web-based threats while still enforcing corporate acceptable use policies?

  • A. It uses a cloud-based machine learning (ML)-powered web security engine to perform ML-based inspection of web traffic in real-time.
  • B. Users access the SWG, which then connects the user to the website while still performing security measures.
  • C. It prompts the browser to present a valid client certificate to authenticate the user.
  • D. Users are mapped via server logs for login events and syslog messages from authenticating services.

正解: B

 

質問 33
A customer currently has 150 Mbps of capacity at a site. Records show that, on average, a total of 30 Mbps of bandwidth is used for the two links.
What is the appropriate Prisma SD-WAN license for this site?

  • A. 250 Mbps
  • B. 175 Mbps
  • C. 50 Mbps
  • D. 25 Mbps

正解: C

 

質問 34
Which App Response Time metric measures the amount of time it takes to transfer incoming data from an external server to a local client?

  • A. UDP Response Time (UDP-TRT)
  • B. Round Trip Time (RTT)
  • C. Server Response Time (SRT)
  • D. Network Transfer Time (NTTn)

正解: B

 

質問 35
......

試験問題と解答はPSE-SASE学習ガイド問題解答:https://www.goshiken.com/Palo-Alto-Networks/PSE-SASE-mondaishu.html

関するブログ

もっと
PSE-SASE無料問題集