• Home
  • Articles
  • Pass Palo Alto Networks PSE-PrismaCloud With UpdateDumps Exam Dumps - Updated on Dec-2021 [Q36-Q61]

Pass Palo Alto Networks PSE-PrismaCloud With UpdateDumps Exam Dumps - Updated on Dec-2021 [Q36-Q61]

Share

Pass Palo Alto Networks PSE-PrismaCloud With UpdateDumps Exam Dumps - Updated on Dec-2021

Fully Updated PSE-PrismaCloud Dumps - 100% Same Q&A In Your Real Exam

NEW QUESTION 36
Which cloud provider supports iLB-as-next-hop?

  • A. Amazon Web Services
  • B. Microsoft Azure
  • C. Alibaba Cloud
  • D. Oracle Cloud

Answer: B

 

NEW QUESTION 37
What is the default capacity license of a VM-Series NGFW being deployed from the Google Cloud Platform Marketplace?

  • A. VM-GCP
  • B. VM-100
  • C. VM-300
  • D. VM-500

Answer: C

Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-google

 

NEW QUESTION 38
How can you create a custom compliance standard in Prisma Public Cloud?

  • A. From Compliance tab, clone a default framework and customize.
  • B. Create compliance framework in a spreadsheet then import into Prisma Public Cloud.
  • C. Generate a new Compliance Report.
  • D. From Compliance tab > Compliance Standards, click "Add New."

Answer: D

Explanation:
Explanation
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-compliance/create-a-c

 

NEW QUESTION 39
What is Prisma Public Cloud licensing based on?

  • A. number of accounts onboarded
  • B. number of monitored workloads
  • C. number of alerts generated
  • D. volume of flow logs consumed

Answer: B

 

NEW QUESTION 40
An administrator deploys a VM-Series firewall into Amazon Web Services. Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?

  • A. source/destination checking
  • B. security group
  • C. elastic ip address
  • D. tags

Answer: A

Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/de

 

NEW QUESTION 41
When protecting against attempts to exploit client-side and server-side vulnerabilities, what is the Palo Alto Networks best practice when using NGFW VulnerabilityProtection Profiles?

  • A. Use the default Vulnerability Protection Profile to protect clients from all known critical, high, and medium-severity threats
  • B. Clone the predefined Strict Profile, with packet capture settings disabled
  • C. Clone the predefined Strict Profile, with packet capture settings enabled
  • D. Use the default Vulnerability Protection Profile to protect servers from all known critical, high, and medium-severity threats

Answer: C

 

NEW QUESTION 42
What configuration on AWS is required in order for VM-Series to forward traffic between its network interfaces?

  • A. Source Check is enabled and Destination Check is disabled
  • B. Both Source and Destination Checks are disabled
  • C. Source Check is disabled and Destination Check is enabled
  • D. Both Source and Destination Checks are enabled

Answer: B

Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/us

 

NEW QUESTION 43
When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)

  • A. Group2 / SHA-1 / AES-128-CBC
  • B. Group2 / SHA-1 / AES-128-GCM / IKE-V1
  • C. Group14 / SHA-256 / AES-256-CBC / IKE-V1
  • D. Group2 / SHA-1 / AES-128-CBC / IKE-V1
  • E. Group14 / SHA-256 / AES-256-GCM / IKE-V1

Answer: C,E

 

NEW QUESTION 44
Which change represents a VM-Series NGFW license transfer?

  • A. VM-100 BYOL on Microsoft Azure to VM-300 BYOL on Microsoft Azure
  • B. VM-100 BYOL on Microsoft Azure to VM-300 PAYG on Amazon Web Services
  • C. VM-300 BYOL on Microsoft Azure to VM-300 PAY6 on Amazon Web Services
  • D. VM-100 BYOL on Microsoft Azure to VM-100 BYOL on Amazon Web Services

Answer: A

 

NEW QUESTION 45
Which two cloud providers support Load Balancers as next hop configurations for outbound connections?
(Choose two.)

  • A. Amazon Web Services
  • B. Microsoft Azure
  • C. Google Cloud Platform
  • D. Oracle Cloud

Answer: B,C

 

NEW QUESTION 46
Which RQL string returns a list of all Azure virtual machines that are not currently running?

  • A. config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"
  • B. config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'
  • C. config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"
  • D. config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"

Answer: A

 

NEW QUESTION 47
Which option is defined by the creation and change of public cloud services managed in a repeatable and predictable fashion?

  • A. infrastructure as a service
  • B. platform as a service
  • C. infrastructure as code
  • D. software as code

Answer: A

 

NEW QUESTION 48
What is the default capacity license of a VM-Series NGFW being deployed from the Google Cloud Platform Marketplace?

  • A. VM-GCP
  • B. VM-100
  • C. VM-300
  • D. VM-500

Answer: C

 

NEW QUESTION 49
When protecting against attempts to exploit client-side and server-side vulnerabilities, what is the Palo Alto Networks best practice when using NGFW Vulnerability Protection Profiles?

  • A. Clone the predefined Strict Profile, with packet capture settings disabled
  • B. Use the default Vulnerability Protection Profile to protect clients from all known critical, high, and medium-severity threats
  • C. Use the default Vulnerability Protection Profile to protect servers from all known critical, high, and medium-severity threats
  • D. Clone the predefined Strict Profile, with packet capture settings enabled

Answer: B

 

NEW QUESTION 50
A customer has deployed a VM-Series NGFW on Amazon Web Services using a PAYG license. What is the sequence required by the customer to switch to a BYOL license?

Answer:

Explanation:

Explanation
backup, register, deploy, activate, load

 

NEW QUESTION 51
An administrator has deployed an AWS transit gateway and used multiple VPC spokes to segregate a multi-tier application. The administrator also created a security VPC with multiple VM-Series NGFWs in an active/active deployment model via ECMP using Amazon Web Services VPN-based attachments.
What must be configured on the firewall to avoid asymmetric routing?

  • A. source and destination address translation
  • B. source address translation
  • C. destination address translation
  • D. port address translation

Answer: B

 

NEW QUESTION 52
Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?

  • A. Support for the templates is available through Professional Services from Palo Alto Networks.
  • B. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.
  • C. Palo Alto Networks provides full support if a valid support license is in place.
  • D. Unless otherwise noted, these templates are released under an as-is. best effort support policy.

Answer: D

 

NEW QUESTION 53
The Microsoft Azure virtual network gateway supports which two site-to-site connectivity options? (Choose two.)

  • A. Direct Connect
  • B. ExpressRoute
  • C. IPsecVPN
  • D. Fast Connect

Answer: B,C

Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

 

NEW QUESTION 54
The customer has an Amazon Web Services Elastic Computing Cloud that provides a service to the internet directly and needs to secure that cloud with a VM-Series NGFW.
Which component handles address translation?

  • A. The server VMs have private use only (RFC 1918) IPs. Amazon's cloud infrastructure translates those addresses to publicly accessible IP addresses. The VM-Series NGFW has publicly accessible IP addresses.
  • B. The server VMs have private use only (RFC 1918) IPs. The VM-Series NGFW translates those addresses to publicly accessible IP addresses.
  • C. The servers and VM-Series NGFW have publicly accessible IP addresses for management purposes.
  • D. The server VMs and the VM-Series NGFW have private use only (RFC 1918) IPs. Amazons cloud infrastructure translates those addresses to publicly accessible IP addresses

Answer: D

 

NEW QUESTION 55
Which RQL string returns a list of all Azure virtual machines that are not currently running?

  • A. config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"
  • B. config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"
  • C. config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'
  • D. config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"

Answer: B

 

NEW QUESTION 56
A customer has deployed a VM-Series NGFW on Amazon Web Services using a PAYG license. What is the sequence required by the customer to switch to a BYOL license?

Answer:

Explanation:

 

NEW QUESTION 57
Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance?
(Choose two.)

  • A. new Auth Code
  • B. UUID
  • C. API Key
  • D. CPU ID

Answer: A,C

Explanation:
Explanation
In a public cloud deployment, if your firewall is licensed with the BYOL option, you must Deactivate VM before you change the instance type or VM type and apply the license again on the firewall after you complete the model or instance upgrade. When you change the instance type, because the firewall has a new UUID and CPU ID, the existing license will no longer be valid.
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/about-the-vm-series-firewall/upgrade-th

 

NEW QUESTION 58
What is required for an EC2 instance to access the internet directly from an AWS VPC?

  • A. Virtual Private Gateway
  • B. Internet Gateway
  • C. Customer Gateway
  • D. Transit Gateway

Answer: B

 

NEW QUESTION 59
How can you use Prisma Public Cloud to identify Amazon EC2 instances that have been tagged as "Private?

  • A. Open the Asset Dashboard, filter on tags: and choose "Private."
  • B. Create an RQL network query to identify traffic from resources tagged "Private."
  • C. Create an RQL config query to identify resources with the tag "Private."
  • D. Generate a CIS compliance report and review the "Asset Summary."

Answer: A

 

NEW QUESTION 60
In which two ways does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies? (Choose two.)

  • A. VM Orchestration Policy Editor
  • B. support for Dynamic Address Groups
  • C. fully instrumented API
  • D. Aperture Orchestration Engine

Answer: B,C

 

NEW QUESTION 61
......


Palo Alto Networks PSE-PrismaCloud Exam Syllabus Topics:

TopicDetails
Topic 1
  • Provide design consultation and standard methodology mentorship for rollout|Provide technical demos for strategic prospects and current accounts of Palo Alto Networks virtual offerings and integration in existing data center environments
Topic 2
  • Help develop relationships with new Born-in-the-Cloud partners who will be integral in winning over new customers
Topic 4
  • Effectively lead and support customer demonstrations with our System Engineers that showcase our value
Topic 5
  • Be the technical voice of Sales for all things related to security and compliance in Public Cloud
Topic 6
  • Act as the customers advocate for any issues that require technical assistance and follow up with the customer until the issue is resolved
Topic 7
  • Interact locally and remotely with customers in an equally persuasive, confident manner
Topic 8
  • Lead conversations about industry trends and emerging changes
  • Support relationship expansion with top existing partners for Public Cloud
Topic 9
  • Assist with the training of new System Engineers in their designated region in installs customer presentations, and internally-focused deal preparation activities
Topic 10
  • Strategy planning for moving critical data, intellectual property
  • Experience as a system engineer, solutions architect
Topic 11
  • Ability to discuss, with credibility, competitive offers in the marketplace and effectively differentiate against them

 

Latest PSE-PrismaCloud Exam Dumps - Valid and Updated Dumps: https://www.updatedumps.com/Palo-Alto-Networks/PSE-PrismaCloud-updated-exam-dumps.html

Verified PSE-PrismaCloud Exam Questions Certain Success: https://drive.google.com/open?id=1fUW-hQ8hoHUgZW_vseomaxymAKJ72zAZ

Related Articles

more
Palo Alto Networks PSE-PrismaCloud Certification Practice Exam