あなたを必ず合格させるPSE-PrismaCloud問題集PDF 2023年最新のに更新されたのは62問あります
Palo Alto Networks PSE-PrismaCloudリアル試験問題と解答を無料で提供いたします
質問 # 36
Based on the diagram, how many routes will the virtual gateway advertise to the on-premises NGFW over the Amazon Web Services Direct Connect link?
- A. 0
- B. 1
- C. 2
- D. 3
正解:A
質問 # 37
Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?
- A. Unless otherwise noted, these templates are released under an as-is. best effort support policy.
- B. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.
- C. Palo Alto Networks provides full support if a valid support license is in place.
- D. Support for the templates is available through Professional Services from Palo Alto Networks.
正解:A
質問 # 38
Palo Alto Networks recommends which two options for outbound HA design in Amazon Web Services using VM-Series NGFW? (Choose two.)
- A. transit VPC and security VPC with VM-Series
- B. traditional active/standby HA on VM-Series
- C. transit gateway and security VPC with VM-Series
- D. iLB-as-next-hop
正解:B、C
質問 # 39
Which RQL string monitors all traffic from the Internet and Suspicious IPs destined for your Amazon Web Services databases?
- A. network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest resource IN (resource where role IN ('AWS RDS'. 'Database'))
- B. network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('LDAP'))
- C. network where dest.resource IN (resource where role = 'Database'}
- D. network where source.publicnetwork IN ('Suspicious IPs') and dest.resource IN (resource where role IN ('AWS RDS', 'Database'))
正解:A
質問 # 40
What is the scope of the Amazon Web Services 1AM Service?
- A. regional
- B. global
- C. VPC
- D. zonal
正解:B
質問 # 41
A customer has just launched a Palo Alto Networks VM-Series NGFW into an Amazon Web Services VPC to protect a cloud hosted application. They are experiencing unpredictable results and have identified that the interfaces on the firewall are in the incorrect order Which PAN-OS CLI command resolves this issue?
- A. set system setting mgmt-interface swap yes
- B. set mgmt-interface settings swap yes
- C. set system setting mgmt-interface-swap enable yes
- D. set mgmt-interface swap yes
正解:C
質問 # 42
What are three examples of outbound traffic flow? (Choose three.)
- A. outgoing Prisma Public Cloud API calls
- B. issue yum update command on an instance inside Amazon Web Services
- C. web server inside Amazon Web Services receiving web requests from internet
- D. Microsoft Windows inside Azure requesting a security patch
- E. issue apt-get install command on an instance inside Amazon Web Services
正解:A、B、E
質問 # 43
An administrator has deployed an AWS transit gateway and used multiple VPC spokes to segregate a multi-tier application. The administrator also created a security VPC with multiple VM-Series NGFWs in an active/active deployment model via ECMP using Amazon Web Services VPN-based attachments.
What must be configured on the firewall to avoid asymmetric routing?
- A. source and destination address translation
- B. port address translation
- C. source address translation
- D. destination address translation
正解:C
質問 # 44
How is license utilization displayed within the Prisma Public Cloud interface?
- A. navigate to Settings (via the gear icon) > Licensing
- B. navigate to General > Licensing
- C. navigate to Dashboard > Asset Inventory
- D. navigate to the CLI and run show license command
正解:A
質問 # 45
The customer has an Amazon Web Services Elastic Computing Cloud that provides a service to the internet directly and needs to secure that cloud with a VM-Series NGFW.
Which component handles address translation?
- A. The server VMs and the VM-Series NGFW have private use only (RFC 1918) IPs. Amazons cloud infrastructure translates those addresses to publicly accessible IP addresses
- B. The servers and VM-Series NGFW have publicly accessible IP addresses for management purposes.
- C. The server VMs have private use only (RFC 1918) IPs. The VM-Series NGFW translates those addresses to publicly accessible IP addresses.
- D. The server VMs have private use only (RFC 1918) IPs. Amazon's cloud infrastructure translates those addresses to publicly accessible IP addresses. The VM-Series NGFW has publicly accessible IP addresses.
正解:A
質問 # 46
What is a permanent public IP called on Amazon Web Services?
- A. EIP
- B. PIP
- C. Reserved IP
- D. Floating IP
正解:A
質問 # 47
Which cloud provider supports iLB-as-next-hop?
- A. Oracle Cloud
- B. Microsoft Azure
- C. Alibaba Cloud
- D. Amazon Web Services
正解:B
質問 # 48
Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)
- A. Suspicious file activity
- B. Unusual user activity
- C. Excessive login failures
- D. Denial-of-service activity
- E. Account hijacking attempts
正解:B、C、E
解説:
Explanation
Account hijacking attempts
-Detect potential account hijacking attempts discovered by identifying unusual login activities. These can happen if there are concurrent login attempts made in short duration from two different geographic locations, which is impossible time travel
, or login from a previously unknown browser, operating system, or location.
Excessive login failures
-Detect potential account hijacking attempts discovered by identifying brute force login attempts. Excessive login failure attempts are evaluated dynamically based on the models observed with continuous learning.
Unusual user activity
-Discover insider threat and an account compromise using advanced data science. The Prisma Cloud machine learning algorithm profiles a user's activities on the console, as well as the usage of access keys based on the location and the type of cloud resources.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-poli
質問 # 49
Which three methods can provide application-level security for a web server instance on Amazon Web Services? (Choose three.)
- A. Amazon Web Services WAF
- B. VM-Series firewalls
- C. Prisma SaaS
- D. Traps
- E. Security Groups
正解:B、C、E
質問 # 50
Which RQL string using network query attributes returns all traffic destined for Internet or for Suspicious IPs that also exceeds 1GB?
- A. network where publicnetwork = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
- B. network where bytes > 1GB and destination = 'Internet IPs' OR 'Suspicious IPs'
- C. show traffic where destination.network = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
- D. network where dest.publicnetwork IN ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
正解:D
解説:
Explanation
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/rql-examples All network traffic that is greater than 1GB and destined to Internet or Suspicious IPs (allows you to identify data exfiltration attempt on any cloud environment).
network where dest.publicnetwork IN ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000
質問 # 51
......
合格できるPalo Alto Networks PSE-PrismaCloud試験情報と無料練習テスト:https://www.jpntest.com/shiken/PSE-PrismaCloud-mondaishu