Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Discussions
  1. Home
  2. Paloalto Networks
  3. PSE-Prisma Cloud Professional
  4. PSE-Prisma-Pro-24
  5. Palo Alto Networks System Engineer - Prisma CloudProfessional Questions and Answers

Pass the Paloalto Networks PSE-Prisma Cloud Professional PSE-Prisma-Pro-24 Questions and answers with ValidTests

Exam PSE-Prisma-Pro-24 All Questions
Exam PSE-Prisma-Pro-24 Premium Access

View all detail and faqs for the PSE-Prisma-Pro-24 exam

Go to Exam
Viewing page 1 out of 4 pages
Viewing questions 1-10 out of questions
Questions # 1:

The VM-Series integration with Amazon GuardDuty feeds malicious IP addresses to the VM-Series NGFW using XML API to populate a Dynamic Address Group within a Security policy that blocks traffic.

How does Amazon Web Services achieve this integration?

Options:

A.

SNS

B.

SQS

C.

CodeDeploy

D.

Lambda

Expert Solution
Questions # 2:

Which three services can Google Cloud Security Scanner assess? (Choose three.)

Options:

A.

Google Kubernetes Engine

B.

BigQuery

C.

Compute Engine

D.

App Engine

E.

Google Virtual Private Cloud

Expert Solution
Questions # 3:

What are the two options to dynamically register tags used by Dynamic Address Groups that are referenced in policy? (Choose two.)

Options:

A.

VM Monitoring

B.

External Dynamic List

C.

CFT Template

D.

XML API

Expert Solution
Questions # 4:

Which three requirements are needed to register a PAYG VM-Series NGFW at the Palo Alto Networks Customer Support website? (Choose three.)

Options:

A.

Serial Number

B.

CPU ID

C.

Auth Code

D.

License Key

E.

UUID

Expert Solution
Questions # 5:

How can you modify a range of dates default policy in Prisma Public Cloud?

Options:

A.

Override the value and commit the configuration.

B.

Clone the existing policy and change the value.

C.

Manually create the RQL statement.

D.

Click the Gear icon next to the policy name to open the Edit Policy dialog

Expert Solution
Questions # 6:

Which RQL string monitors all traffic from the Internet and Suspicious IPs destined for your Amazon Web Services databases''

Options:

A.

network where source.publicnetwork IN ('Suspicious IPs') and dest.resource IN (resource where role IN ('AWS RDS', 'Database'))

B.

network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('LDAP'))

C.

network where dest.resource IN (resource where role = 'Database'}

D.

network where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest resource IN (resource where role IN ('AWS RDS'. 'Database'))

Expert Solution
Questions # 7:

Which three methods can provide application-level security for a web server instance on Amazon Web Services? (Choose three.)

Options:

A.

Traps

B.

Prisma SaaS

C.

Amazon Web Services WAF

D.

VM-Series firewalls

E.

Security Groups

Expert Solution
Questions # 8:

When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)

Options:

A.

Group2 / SHA-1 / AES-128-CBC / IKE-V1

B.

Group2 / SHA-1 / AES-128-GCM / IKE-V1

C.

Group14 / SHA-256 / AES-256-GCM / IKE-V1

D.

Group2 / SHA-1 / AES-128-CBC

E.

Group14 / SHA-256 / AES-256-CBC / IKE-V1

Expert Solution
Questions # 9:

Which three features are not supported by VM-Series NGFWs on Azure Stack? (Choose three.)

Options:

A.

Azure Application Insight

B.

Resource Group

C.

Azure Security Center

D.

Bootstrapping

E.

ARM Template

Expert Solution
Questions # 10:

Which two resources provide operational insight within the Prisma Cloud Asset Inventory? (Choose two.)

Options:

A.

Cortex Data Lake

B.

Cloud Storage buckets

C.

Prisma Access Gateways

D.

Compute Engine instance

Expert Solution
Viewing page 1 out of 4 pages
Viewing questions 1-10 out of questions