New Year Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

PSE-PrismaCloud PSE Palo Alto Networks System Engineer Professional - Prisma Cloud Questions and Answers

Questions 4

What is Prisma Public Cloud licensing based on?

Options:

A.

number of alerts generated

B.

number of accounts onboarded

C.

number of monitored workloads

D.

volume of flow logs consumed

Buy Now
Questions 5

What are two ways to enable interface swap when deploying a VM-Series NGFW in Google Cloud Platform? (Choose two.)

Options:

A.

run the PAN-OS CLI command: set system mgmt-interface-swap enable yes

B.

run the PAN-OS CLI command: set system mgmt-interface-swap setting enable yes

C.

create a bootstrap file that includes the mgmt-interface-swap command

D.

in the Google Cloud Console Metadata Field, enter a key-value pair where mgmt-interface-swap is the key and enable is the value

Buy Now
Questions 6

When protecting against attempts to exploit client-side and server-side vulnerabilities, what is the Palo Alto Networks best practice when using NGFW Vulnerability Protection Profiles?

Options:

A.

Use the default Vulnerability Protection Profile to protect clients from all known critical, high, and medium-severity threats

B.

Clone the predefined Strict Profile, with packet capture settings disabled

C.

Use the default Vulnerability Protection Profile to protect servers from all known critical, high, and medium-severity threats

D.

Clone the predefined Strict Profile, with packet capture settings enabled

Buy Now
Questions 7

Which cloud provider supports iLB-as-next-hop?

Options:

A.

Microsoft Azure

B.

Alibaba Cloud

C.

Oracle Cloud

D.

Amazon Web Services

Buy Now
Questions 8

Which statement applies to optimization of registry scans with version pattern matching?

Options:

A.

It requires Linux images to rely on optimizing registry scans due to various Linux elements.

B.

It is only necessary in registries with tens of thousands of repositories and millions of images.

C.

It is best practice to always optimize registry scans for faster results.

D.

It is rarely successful in the Windows Operating System (OS).

Buy Now
Questions 9

can you create a custom compliance standard in Prisma Public Cloud?

Options:

A.

Generate a new Compliance Report.

B.

Create compliance framework in a spreadsheet then import into Prisma Public Cloud.

C.

From Compliance tab, clone a default framework and customize.

D.

From Compliance tab > Compliance Standards, click "Add New."

Buy Now
Questions 10

Which pillar of the Prisma Cloud platform can secure outbound traffic, stop lateral attack movement, and block inbound threats?

Options:

A.

Cloud Workload Protection (CWP)

B.

Cloud Code Security

C.

Cloud Network Security

D.

Cloud Identity Security

Buy Now
Questions 11

The Microsoft Azure virtual network gateway supports which two site-to-site connectivity options? (Choose two.)

Options:

A.

Direct Connect

B.

Fast Connect

C.

IPsecVPN

D.

ExpressRoute

Buy Now
Questions 12

All Amazon Regional Database Service (RDS)-deployed resources and the regions in which they are deployed can be identified by prisma Cloud using which two methods? (Choose two.)

Options:

A.

Configure an Inventory report from the "Alerts" tab.

B.

Write an RQL query from the "Investigate" tab.

C.

Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.

D.

Generate a compliance report from the Compliance dashboard.

Buy Now
Questions 13

Which two resources provide operational insight within the Prisma Cloud Asset Inventory? (Choose two.)

Options:

A.

Cortex Data Lake

B.

Cloud Storage buckets

C.

Prisma Access Gateways

D.

Compute Engine instance

Buy Now
Questions 14

Which two cloud providers provide egress load balancing? (Choose two.)

Options:

A.

Microsoft Azure

B.

Alibaba Cloud

C.

Amazon Web Services

D.

Oracle Cloud

Buy Now
Questions 15

Which regulatory framework in Prisma Public Cloud measures compliance with EU data privacy regulations in Amazon Web Services workloads?

Options:

A.

GDPR

B.

EU Data Protection Directive 95/46/EC

C.

ISO 27001

D.

Payment Card Industry 3.0

Buy Now
Questions 16

How can a range of dates in the Prisma Cloud default policy be modified?

Options:

A.

Clone the existing policy and change the value.

B.

Click the gear icon next to the policy name to open the "Edit Policy" dialog.

C.

Manually create the Resource Query Language (RQL) statement.

D.

Override the value and commit the configuration.

Buy Now
Questions 17

An administrator has deployed an AWS transit gateway and used multiple VPC spokes to segregate a multi-tier application. The administrator also created a security VPC with multiple VM-Series NGFWs in an active/active deployment model via ECMP using Amazon Web Services VPN-based attachments.

What must be configured on the firewall to avoid asymmetric routing?

Options:

A.

source address translation

B.

destination address translation

C.

port address translation

D.

source and destination address translation

Buy Now
Questions 18

Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

Options:

A.

Excessive login failures

B.

Unusual user activity

C.

Denial-of-service activity

D.

Account hijacking attempts

E.

Suspicious file activity

Buy Now
Questions 19

Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance? (Choose two.)

Options:

A.

UUID

B.

new Auth Code

C.

CPU ID

D.

API Key

Buy Now
Questions 20

Which RQL string returns a list of all Azure virtual machines that are not currently running?

Options:

A.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'

B.

config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"

C.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"

D.

config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"

Buy Now
Questions 21

The VM-Series integration with Amazon GuardDuty feeds malicious IP addresses to the VM-Series NGFW using XML API to populate a Dynamic Address Group within a Security policy that blocks traffic.

How does Amazon Web Services achieve this integration?

Options:

A.

SNS

B.

SQS

C.

CodeDeploy

D.

Lambda

Buy Now
Questions 22

Which two statements are true about CloudFormation? (Choose two.)

Options:

A.

CloudFormation is a procedural configuration management tool.

B.

CloudFormation templates can be used on both Amazon Web Services and Microsoft Azure

C.

CloudFormation templates can be written in JSON or YAML

D.

CloudFormation is a declarative orchestration tool.

Buy Now
Questions 23

How can you modify a range of dates default policy in Prisma Public Cloud?

Options:

A.

Override the value and commit the configuration.

B.

Clone the existing policy and change the value.

C.

Manually create the RQL statement.

D.

Click the Gear icon next to the policy name to open the Edit Policy dialog

Buy Now
Questions 24

Which RQL string searches for all EBS volumes that do not have a "DataClassification" tag?

Options:

A.

config where api.name = 'aws-ec2-describe-volumes, AND json.rule = tags[*]key contains DataClassification

B.

config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*]key != DataClassification

C.

config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*].key exists

D.

config where api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key = 1

Buy Now
Questions 25

Which type of alert captures unusual user activity and excessive login failures?

Options:

A.

Anomaly

B.

Audit Event

C.

Configuration

D.

Network

Buy Now
Questions 26

How can all alerts related to "Amazon RDS" be quickly identified within the Prisma Cloud dashboard?

Options:

A.

Generate a Center for Internet Security (CIS) compliance report and search for "Amazon RDS" policy violations.

B.

View the alert data on the "Asset Inventory" dashboard and filter on "Amazon RDS.

C.

Within the "Alerts" tab. filter on "Amazon RDS" as a service.

D.

Create a custom Resource Query Language (RQL) configuration report.

Buy Now
Questions 27

What are two business values of Cloud Code Security? (Choose two.)

Options:

A.

consistent controls from build time to runtime

B.

prebuilt and customizable polices to detect data such as personally identifiable information (PII) in publicly exposed objects

C.

support for multiple languages, runtimes and frameworks

D.

continuous monitoring of all could resources for vulnerabilities, misconfigurations, and other threats

Buy Now
Questions 28

What is required for an EC2 instance to access the internet directly from an AWS VPC?

Options:

A.

Internet Gateway

B.

Transit Gateway

C.

Virtual Private Gateway

D.

Customer Gateway

Buy Now
Questions 29

Which two deployment methods are supported for Prisma Cloud Compute (PCC) container Defenders? (Choose two.)

Options:

A.

Azure SQL database instances

B.

Google Kubernetes Engine

C.

Oracle Functions service

D.

Kubernetes DaemonSet

Buy Now
Questions 30

Which statement reflects the default vulnerability management policy?

Options:

A.

Policy rule order has little impact on optimization.

B.

Prisma Cloud scans images in all containers immediately upon policy activation.

C.

The default vulnerability policy rule has an alert threshold to critical.

D.

Prisma Cloud ships all vulnerability policy with a default alert for containers, hosts, and serverless functions.

Buy Now
Questions 31

Which Google Cloud Platform project shares its VPC networks with other projects?

Options:

A.

Service project

B.

Host project

C.

Admin project

D.

Subscribing project

Buy Now
Questions 32

Which Resource Query Language (RQL) query monitors all "delete" activities for the user "user1"?

Options:

A.

event where crud = 'delete’ AND subject = 'user1'

B.

event where crud = 'delete'

C.

event where crud = 'delete' AND subject = 'user1' AND cloud.type = 'aws'

D.

event where subject = 'user1'

Buy Now
Questions 33

What are two examples of Amazon Web Services logging services? (Choose two.)

Options:

A.

CloudLog

B.

CloudEvent

C.

CloudWatch

D.

CIoudTrail

Buy Now
Questions 34

Which two cloud-native providers are supported by Prisma Cloud? (Choose two.)

Options:

A.

DigitalOcean

B.

Azure

C.

IBM Cloud

D.

Oracle Cloud

Buy Now
Exam Code: PSE-PrismaCloud
Exam Name: PSE Palo Alto Networks System Engineer Professional - Prisma Cloud
Last Update: Dec 18, 2024
Questions: 115

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now PSE-PrismaCloud testing engine

PDF (Q&A)

$36.75  $104.99
buy now PSE-PrismaCloud pdf