[2023年03月20日]PSE-SASE試験問題集を試そう！ベストPSE-SASE試験問題 [Q35-Q54]

[2023年03月20日]PSE-SASE試験問題集を試そう！ベストPSE-SASE試験問題

検証済みのPSE-SASEテスト問題集で正確な67問題と解答

質問 35
How can a network engineer export all flow logs and security actions to a security information and event management (SIEM) system?

A. Use the centralized flow data-export tool built into the controller.
B. Use a zone-based firewall to export directly through application program interface (API) to the SIEM.
C. Enable syslog on the Instant-On Network (ION) device.
D. Enable Simple Network Management Protocol (SNMP) on the Instant-On Network (ION) device.

正解: C

質問 36
Which elements of Autonomous Digital Experience Management (ADEM) help provide end-to-end visibility of everything in an organization's environment?

A. integrated threat intelligence management, automated distribution to enforcement points at scale, full ticket mirroring
B. scanning of all traffic, ports, and protocols
C. data collected from endpoint devices, synthetic monitoring tests, and real-time traffic
D. alerts, artifacts, and MITRE tactics

正解: A

質問 37
In an SD-WAN deployment, what allows customers to modify resources in an automated fashion instead of logging on to a central controller or using command-line interface (CLI) to manage all their configurations?

A. application programming interface (API)
B. dynamic user group (DUG)
C. DNS server
D. WildFire

正解: B

質問 38
Which product allows advanced Layer 7 inspection, access control, threat detection and prevention?

A. Infrastructure as a Service (IaaS)
B. remote browser isolation
C. network sandbox
D. Firewall as a Service (FWaaS)

正解: D

質問 39
Which App Response Time metric is the measure of network latency?

A. Server Response Time (SRT)
B. UDP Response Time (UDP-TRT)
C. Network Transfer Time (NTTn)
D. Round Trip Time (RTT)

正解: D

質問 40
Cloud-delivered App-ID provides specific identification of which two applications? (Choose two.)

A. private
B. unknown-tcp
C. web-browsing
D. custom

正解: B,C

質問 41
Which action protects against port scans from the internet?

A. Apply App-ID Security policy rules to block traffic sourcing from the untrust zone.
B. Assign an Interface Management profile to the zone of the ingress surface.
C. Assign Security profiles to Security policy rules for traffic sourcing from the untrust zone.
D. Apply a Zone Protection profile on the zone of the ingress interface.

正解: D

質問 42
A customer currently has 150 Mbps of capacity at a site. Records show that, on average, a total of 30 Mbps of bandwidth is used for the two links.
What is the appropriate Prisma SD-WAN license for this site?

A. 50 Mbps
B. 250 Mbps
C. 25 Mbps
D. 175 Mbps

正解: A

質問 43
A customer currently uses a third-party proxy solution for client endpoints and would like to migrate to Prisma Access to secure mobile user internet-bound traffic.
Which recommendation should the Systems Engineer make to this customer?

A. With the explicit proxy license, set up a service connection.
B. With the mobile user license, set up explicit proxy.
C. With the explicit proxy license add-on, set up GlobalProtect.
D. With the mobile user license, set up a corporate access node.

正解: B

質問 44
What are two ways service connections and remote network connections differ? (Choose two.)

A. Service connections support both OSPF and BGP for routing protocols, but remote networks support only BGP.
B. An on-premises resource cannot originate a connection to the internet over a service connection.
C. Remote network connections provide secondary WAN options, but service connections use backup service connection for redundancy.
D. Remote network connections enforce security policies, but service connections do not.

正解: C

質問 45
Which two services are part of the Palo Alto Networks cloud-delivered security services (CDSS) package?
(Choose two.)

A. virtual desktop infrastructure (VDI)
B. Internet of Things (IoT) Security
C. security information and event management (SIEM)
D. Advanced URL Filtering (AURLF)

正解: B,D

質問 46
What is a key benefit of CloudBlades?

A. configuration of the authentication source once instead of for each authentication method used
B. automation of UI workflow without any code development and deployment of Prisma SD-WAN ION devices
C. identification of port-based rules so they can be converted to application-based rules without compromising application availability
D. utilization of near real-time analysis to detect previously unseen, targeted malware and advanced persistent threats

正解: B

質問 47
How does the secure access service edge (SASE) security model provide cost savings to organizations?

A. The compact size of the components involved reduces overhead costs, as less physical space is needed.
B. The increased complexity of the model over previous products reduces IT team staffing costs.
C. The content inspection integration allows third-party assessment, which reduces the cost of contract services.
D. The single platform reduces costs compared to buying and managing multiple point products.

正解: C

質問 48
Which two key benefits have been identified for a customer investing in the Palo Alto Networks Prisma secure access service edge (SASE) solution? (Choose two.)

A. reduced input required from management during third-party investigations
B. reduced number of security incidents requiring manual investigation
C. decreased need for interaction between branches
D. decreased likelihood of a data breach

正解: A,B

質問 49
Which statement applies to Prisma Access licensing?

A. For remote network and Clean Pipe deployments, a unit is defined as 1 Mbps of bandwidth.
B. Internet of Things (IOT) Security is included with each license.
C. It is a perpetual license required to enable support for multiple virtual systems on PA-3200 Series firewalls.
D. It provides cloud-based, centralized log storage and aggregation.

正解: A

質問 50
Which product leverages GlobalProtect agents for endpoint visibility and native Prisma SD-WAN integration for remote sites and branches?

A. Cloud-Delivered Security Services (CDSS)
B. CloudBlades:
C. WildFire
D. Autonomous Digital Experience Management (ADEM)

正解: A

質問 51
What is an advantage of next-generation SD-WAN over legacy SD-WAN solutions?

A. It steers traffic and defines networking and security policies from an application-centric perspective, rather than a packet-based approach.
B. It allows configuration to forward logs to external logging destinations, such as syslog servers.
C. It enables definition of the privileges and responsibilities of administrative users in a network.
D. It provides the ability to push common configurations, configuration updates, and software upgrades to all or a subset of the managed appliances.

正解: A

質問 52
What is feature of Autonomous Digital Experience Management (ADEM)?

A. It applies configuration changes and provides credential management, role-based controls, and a playbook repository.
B. It provides IT teams with single-pane visibility that leverages endpoint, simulated, and real-time user traffic data to provide the most complete picture of user traffic flows possible.
C. It natively ingests, normalizes, and integrates granular data across the security infrastructure at nearly half the cost of legacy security products attempting to solve the problem.
D. It provides customized forms to collect and validate necessary parameters from the requester.

正解: B

質問 53
Which statement describes the data loss prevention (DLP) add-on?

A. It employs automated policy enforcement to allow trusted behavior with a new Device-ID policy construct.
B. It prevents phishing attacks by controlling the sites to which users can submit valid corporate credentials.
C. It enables data sharing with third-party tools such as security information and event management (SIEM) systems.
D. It is a centrally delivered cloud service with unified detection policies that can be embedded in existing control points.

正解: D

質問 54
......

Palo Alto Networks PSE-SASEテストエンジンPDFで全問無料問題集：https://www.goshiken.com/Palo-Alto-Networks/PSE-SASE-mondaishu.html

関するブログ

もっと

PSE-SASE無料問題集