有効なPSE-PrismaCloudテスト解答Palo Alto Networks PSE-PrismaCloud試験PDF問題を試そう [Q35-Q50]

有効なPSE-PrismaCloudテスト解答Palo Alto Networks PSE-PrismaCloud試験PDF問題を試そう

Palo Alto Networks PSE-PrismaCloud認定リアル2021年最新の模擬試験合格させます

質問 35
Match the query type with its corresponding search

正解:

解説:

 

質問 36
Which Amazon Web Services security service can provide host vulnerability information to Prisma Public Cloud?

• A. Shield
• B. GuardDuty
• C. Amazon Web Services WAF
• D. Inspector

正解: D

 

質問 37
What is Prisma Public Cloud licensing based on?

• A. number of accounts onboarded
• B. volume of flow logs consumed
• C. number of alerts generated
• D. number of monitored workloads

正解: D

 

質問 38
Which Google Cloud Platform project shares its VPC networks with other projects?

• A. Admin project
• B. Host project
• C. Service project
• D. Subscribing project

正解: B

解説:
Explanation
Create a shared VPC using the Trust VPC created when you deployed the firewall template.
Set up a shared VPC for the host (firewall) project:
gcloud compute shared-vpc enable HOST_PROJECT_ID
https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-google

 

質問 39
Which three requirements are needed to register a PAYG VM-Series NGFW at the Palo Alto Networks Customer Support website? (Choose three.)

• A. License Key
• B. UUID
• C. Auth Code
• D. Serial Number
• E. CPU ID

正解: B,D,E

 

質問 40
How can you use Prisma Public Cloud to identify Amazon EC2 instances that have been tagged as "Private?

• A. Create an RQL config query to identify resources with the tag "Private."
• B. Create an RQL network query to identify traffic from resources tagged "Private."
• C. Open the Asset Dashboard, filter on tags: and choose "Private."
• D. Generate a CIS compliance report and review the "Asset Summary."

正解: B

 

質問 41
Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance?
(Choose two.)

• A. UUID
• B. new Auth Code
• C. API Key
• D. CPU ID

正解: A,D

解説:
Explanation
In a public cloud deployment, if your firewall is licensed with the BYOL option, you must Deactivate VM before you change the instance type or VM type and apply the license again on the firewall after you complete the model or instance upgrade. When you change the instance type, because the firewall has a new UUID and CPU ID, the existing license will no longer be valid.
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/about-the-vm-series-firewall/upgrade-th

 

質問 42
What configuration on AWS is required in order for VM-Series to forward traffic between its network interfaces?

• A. Both Source and Destination Checks are enabled
• B. Source Check is enabled and Destination Check is disabled
• C. Both Source and Destination Checks are disabled
• D. Source Check is disabled and Destination Check is enabled

正解: C

解説:
Explanation
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/us

 

質問 43
Which three methods can provide application-level security for a web server instance on Amazon Web Services? (Choose three.)

• A. Security Groups
• B. VM-Series firewalls
• C. Traps
• D. Prisma SaaS
• E. Amazon Web Services WAF

正解: B,C,E

 

質問 44
When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)

• A. Group14 / SHA-256 / AES-256-CBC / IKE-V1
• B. Group2 / SHA-1 / AES-128-CBC
• C. Group2 / SHA-1 / AES-128-CBC / IKE-V1
• D. Group2 / SHA-1 / AES-128-GCM / IKE-V1
• E. Group14 / SHA-256 / AES-256-GCM / IKE-V1

正解: A,E

 

質問 45
Which two cloud providers support Load Balancers as next hop configurations for outbound connections?
(Choose two.)

• A. Amazon Web Services
• B. Oracle Cloud
• C. Microsoft Azure
• D. Google Cloud Platform

正解: B,D

 

質問 46
Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

• A. Unusual user activity
• B. Suspicious file activity
• C. Denial-of-service activity
• D. Account hijacking attempts
• E. Excessive login failures

正解: A,D,E

解説:
Explanation
Account hijacking attempts
-Detect potential account hijacking attempts discovered by identifying unusual login activities. These can happen if there are concurrent login attempts made in short duration from two different geographic locations, which is impossible time travel
, or login from a previously unknown browser, operating system, or location.
Excessive login failures
-Detect potential account hijacking attempts discovered by identifying brute force login attempts. Excessive login failure attempts are evaluated dynamically based on the models observed with continuous learning.
Unusual user activity
-Discover insider threat and an account compromise using advanced data science. The Prisma Cloud machine learning algorithm profiles a user's activities on the console, as well as the usage of access keys based on the location and the type of cloud resources.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-poli

 

質問 47
How is license utilization displayed within the Prisma Public Cloud interface?

• A. navigate to General > Licensing
• B. navigate to Dashboard > Asset Inventory
• C. navigate to the CLI and run show license command
• D. navigate to Settings (via the gear icon) > Licensing

正解: D

 

質問 48
Which RQL string using network query attributes returns all traffic destined for Internet or for Suspicious IPs that also exceeds 1GB?

• A. network where dest.publicnetwork IN ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
• B. network where bytes > 1GB and destination = 'Internet IPs' OR 'Suspicious IPs'
• C. show traffic where destination.network = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
• D. network where publicnetwork = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000

正解: A

解説:
Explanation
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/rql-examples All network traffic that is greater than 1GB and destined to Internet or Suspicious IPs (allows you to identify data exfiltration attempt on any cloud environment).
network where dest.publicnetwork IN ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000

 

質問 49
How does a customer that has deployed a VM-Series NGFW on Microsoft Azure using a BYOL license change to a PAYG license structure?

• A. purchase a new PAYG license from a reseller
• B. purchase a new PAYG license for Microsoft Azure from Palo Alto Networks
• C. go to Palo Alto Networks Support website to change the BYOL license to a PAYG license
• D. launch a new VM using the PAYG image

正解: C

 

質問 50
......

Palo Alto Networks PSE-PrismaCloud 認定試験の出題範囲：

トピック	出題範囲
トピック 1	Be the technical voice of Sales for all things related to security and compliance in Public Cloud
トピック 2	Ability to discuss, with credibility, competitive offers in the marketplace and effectively differentiate against them
トピック 3	Assist with the training of new System Engineers in their designated region in installs customer presentations, and internally-focused deal preparation activities
トピック 4	Help develop relationships with new Born-in-the-Cloud partners who will be integral in winning over new customers
トピック 5	Lead conversations about industry trends and emerging changes Support relationship expansion with top existing partners for Public Cloud
トピック 6	Interact locally and remotely with customers in an equally persuasive, confident manner
トピック 7	Act as the customers advocate for any issues that require technical assistance and follow up with the customer until the issue is resolved
トピック 8	Provide design consultation and standard methodology mentorship for rollout|Provide technical demos for strategic prospects and current accounts of Palo Alto Networks virtual offerings and integration in existing data center environments
トピック 9	Effectively lead and support customer demonstrations with our System Engineers that showcase our value

 

PSE-PrismaCloud試験問題と有効なPSE-PrismaCloud問題集PDF：https://www.jpntest.com/shiken/PSE-PrismaCloud-mondaishu