[Oct-2021] Dumps Brief Outline Of The PSE-PrismaCloud Exam - UpdateDumps [Q34-Q58]

[Oct-2021] Dumps Brief Outline Of The PSE-PrismaCloud Exam - UpdateDumps

PSE-PrismaCloud Training & Certification Get Latest PSE-Prisma Cloud Professional 

NEW QUESTION 34
A customer CSO has asked you to demonstrate how to identify all "Amazon RDS" resources deployed and the region that they are deployed in. What are two ways that Prisma Public Cloud can show the relevant information?(Choose two.)

• A. Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.
• B. Write an RQL query from the "Investigate" tab.
• C. Configure an Inventory report from the "Alerts" tab
• D. Generate a compliance report from the Compliance dashboard

Answer: A,B

 

NEW QUESTION 35
Which Amazon Web Services security service can provide host vulnerability information to Prisma Public Cloud?

• A. Inspector
• B. Amazon Web Services WAF
• C. GuardDuty
• D. Shield

Answer: C

Explanation:
Explanation
http://www.paloguard.com/datasheets/prisma-cloud-on-aws.pdf

 

NEW QUESTION 36
Which RQL string returns a list of all Azure virtual machines that are not currently running?

• A. config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"
• B. config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"
• C. config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'
• D. config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"

Answer: D

 

NEW QUESTION 37
Match the logging service with its cloud provider.

Answer:

Explanation:

Explanation
AWS, Azure, GCP, Azure, AWS, GCP

 

NEW QUESTION 38
The Microsoft Azure virtual network gateway supports which two site-to-site connectivity options? (Choose two.)

• A. ExpressRoute
• B. IPsecVPN
• C. Fast Connect
• D. Direct Connect

Answer: A,B

Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

 

NEW QUESTION 39
Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?

• A. Support for the templates is available through Professional Services from Palo Alto Networks.
• B. Palo Alto Networks provides full support if a valid support license is in place.
• C. Unless otherwise noted, these templates are released under an as-is. best effort support policy.
• D. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.

Answer: D

 

NEW QUESTION 40
How does a customer that has deployed a VM-Series NGFW on Microsoft Azure using a BYOL license change to a PAYG license structure?

• A. go to Palo Alto Networks Support website to change the BYOL license to a PAYG license
• B. launch a new VM using the PAYG image
• C. purchase a new PAYG license from a reseller
• D. purchase a new PAYG license for Microsoft Azure from Palo Alto Networks

Answer: B

 

NEW QUESTION 41
Which three features are not supported by VM-Series NGFWs on Azure Stack? (Choose three.)

• A. ARM Template
• B. Azure Security Center
• C. Bootstrapping
• D. Azure Application Insight
• E. Resource Group

Answer: A,C,D

 

NEW QUESTION 42
A customer CSO has asked you to demonstrate how to identify all "Amazon RDS" resources deployed and the region that they are deployed in. What are two ways that Prisma Public Cloud can show the relevant information?(Choose two.)

• A. Write an RQL query from the "Investigate" tab.
• B. Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.
• C. Generate a compliance report from the Compliance dashboard
• D. Configure an Inventory report from the "Alerts" tab

Answer: B,C

 

NEW QUESTION 43
How can you modify a range of dates default policy in Prisma Public Cloud?

• A. Clone the existing policy and change the value.
• B. Override the value and commit the configuration.
• C. Manually create the RQL statement.
• D. Click the Gear icon next to the policy name to open the Edit Policy dialog

Answer: A

 

NEW QUESTION 44
Which framework in Prisma Public Cloud can be used to provide general best practices when no specific legal requirements or regulatory standards need to be met?

• A. CIS Benchmark
• B. Payment Card Industry DSS V3
• C. HIPAA
• D. GDPR

Answer: A

 

NEW QUESTION 45
Palo Alto Networks recommends which two options for outbound HA design in Amazon Web Services using VM-Series NGFW? (Choose two.)

• A. iLB-as-next-hop
• B. transit gateway and security VPC with VM-Series
• C. traditional active/standby HA on VM-Series
• D. transit VPC and security VPC with VM-Series

Answer: C,D

 

NEW QUESTION 46
What are two examples of Amazon Web Services logging services? (Choose two.)

• A. CloudWatch
• B. CloudLog
• C. CIoudTrail
• D. CloudEvent

Answer: A,C

 

NEW QUESTION 47
Which two cloud providers support Load Balancers as next hop configurations for outbound connections?
(Choose two.)

• A. Oracle Cloud
• B. Amazon Web Services
• C. Microsoft Azure
• D. Google Cloud Platform

Answer: A,D

 

NEW QUESTION 48
Which framework in Prisma Public Cloud can be used to provide general best practices when no specific legal requirements or regulatory standards need to be met?

• A. Payment Card Industry DSS V3
• B. HIPAA
• C. CIS Benchmark
• D. GDPR

Answer: D

 

NEW QUESTION 49
Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

• A. Denial-of-service activity
• B. Unusual user activity
• C. Excessive login failures
• D. Suspicious file activity
• E. Account hijacking attempts

Answer: B,C,E

Explanation:
Explanation
Account hijacking attempts
-Detect potential account hijacking attempts discovered by identifying unusual login activities. These can happen if there are concurrent login attempts made in short duration from two different geographic locations, which is impossible time travel
, or login from a previously unknown browser, operating system, or location.
Excessive login failures
-Detect potential account hijacking attempts discovered by identifying brute force login attempts. Excessive login failure attempts are evaluated dynamically based on the models observed with continuous learning.
Unusual user activity
-Discover insider threat and an account compromise using advanced data science. The Prisma Cloud machine learning algorithm profiles a user's activities on the console, as well as the usage of access keys based on the location and the type of cloud resources.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-poli

 

NEW QUESTION 50
Which option is defined by the creation and change of public cloud services managed in a repeatable and predictable fashion?

• A. platform as a service
• B. software as code
• C. infrastructure as a service
• D. infrastructure as code

Answer: C

 

NEW QUESTION 51
Which three methods can provide application-level security for a web server instance on Amazon Web Services? (Choose three.)

• A. Security Groups
• B. VM-Series firewalls
• C. Traps
• D. Amazon Web Services WAF
• E. Prisma SaaS

Answer: A,B,E

 

NEW QUESTION 52
What configuration on AWS is required in order for VM-Series to forward traffic between its network interfaces?

• A. Source Check is disabled and Destination Check is enabled
• B. Both Source and Destination Checks are enabled
• C. Source Check is enabled and Destination Check is disabled
• D. Both Source and Destination Checks are disabled

Answer: D

Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/us

 

NEW QUESTION 53
In which two ways does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies? (Choose two.)

• A. fully instrumented API
• B. support for Dynamic Address Groups
• C. Aperture Orchestration Engine
• D. VM Orchestration Policy Editor

Answer: A,B

 

NEW QUESTION 54
What are two ways to initially deploy a VM-Series NGFW in Microsoft Azure? (Choose two.)

• A. through Expedition in the Customer Success Portal
• B. through Solution Templates in the Azure Marketplace
• C. through Iron Skillets in the GitHub Repository
• D. through ARM Templates in the GitHub Repository

Answer: A,D

 

NEW QUESTION 55
What resource is required to receive inbound traffic from the internet to VM-Series NGFW deployed as a gateway for Azure Stack workloads?

• A. NAT appliance
• B. Azure Stack Edge Router
• C. Border Customer Network
• D. Public IP for the VM-Series NGFW

Answer: A

 

NEW QUESTION 56
What is the scope of the Amazon Web Services 1AM Service?

• A. regional
• B. VPC
• C. global
• D. zonal

Answer: C

 

NEW QUESTION 57
The customer has an Amazon Web Services Elastic Computing Cloud that provides a service to the internet directly and needs to secure that cloud with a VM-Series NGFW.
Which component handles address translation?

• A. The server VMs have private use only (RFC 1918) IPs. Amazon's cloud infrastructure translates those addresses to publicly accessible IP addresses. The VM-Series NGFW has publicly accessible IP addresses.
• B. The server VMs have private use only (RFC 1918) IPs. The VM-Series NGFW translates those addresses to publicly accessible IP addresses.
• C. The server VMs and the VM-Series NGFW have private use only (RFC 1918) IPs. Amazons cloud infrastructure translates those addresses to publicly accessible IP addresses
• D. The servers and VM-Series NGFW have publicly accessible IP addresses for management purposes.

Answer: C

 

NEW QUESTION 58
......

Certification Training for PSE-PrismaCloud Exam Dumps Test Engine: https://www.updatedumps.com/Palo-Alto-Networks/PSE-PrismaCloud-updated-exam-dumps.html

PSE-Prisma Cloud Professional PSE-PrismaCloud Real Exam Questions and Answers FREE Updated: https://drive.google.com/open?id=1uH-TdnlQuKMfpWeynmPnCMMxeQgmurBj