PSE-PrismaCloud Dumps - Grab Out For [NEW-2022] Palo Alto Networks Exam
PSE-PrismaCloud Exam Dumps PDF Guaranteed Success with Accurate & Updated Questions
NEW QUESTION 27
When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)
- A. Group14 / SHA-256 / AES-256-CBC / IKE-V1
- B. Group2 / SHA-1 / AES-128-CBC
- C. Group2 / SHA-1 / AES-128-CBC / IKE-V1
- D. Group2 / SHA-1 / AES-128-GCM / IKE-V1
- E. Group14 / SHA-256 / AES-256-GCM / IKE-V1
Answer: B,D,E
NEW QUESTION 28
Which two statements are true about CloudFormation? (Choose two.)
- A. CloudFormation templates can be written in JSON or YAML
- B. CloudFormation is a declarative orchestration tool.
- C. CloudFormation is a procedural configuration management tool.
- D. CloudFormation templates can be used on both Amazon Web Services and Microsoft Azure
Answer: A,B
NEW QUESTION 29
Which framework in Prisma Public Cloud can be used to provide general best practices when no specific legal requirements or regulatory standards need to be met?
- A. HIPAA
- B. GDPR
- C. CIS Benchmark
- D. Payment Card Industry DSS V3
Answer: B
NEW QUESTION 30
Which RQL string searches for all EBS volumes that do not have a "DataClassification" tag?
- A. config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*]key != DataClassification
- B. config where api.name = 'aws-ec2-describe-volumes, AND json.rule = tags[*]key contains DataClassification
- C. config where api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key = 1
- D. config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*].key exists
Answer: C
NEW QUESTION 31
Match the logging service with its cloud provider.
Answer:
Explanation:
NEW QUESTION 32
What is the scope of the Amazon Web Services IAM Service?
- A. regional
- B. VPC
- C. zonal
- D. global
Answer: D
NEW QUESTION 33
Which cloud provider supports iLB-as-next-hop?
- A. Alibaba Cloud
- B. Microsoft Azure
- C. Oracle Cloud
- D. Amazon Web Services
Answer: D
NEW QUESTION 34
Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance?
(Choose two.)
- A. new Auth Code
- B. CPU ID
- C. UUID
- D. API Key
Answer: B,C
Explanation:
Explanation
In a public cloud deployment, if your firewall is licensed with the BYOL option, you must Deactivate VM before you change the instance type or VM type and apply the license again on the firewall after you complete the model or instance upgrade. When you change the instance type, because the firewall has a new UUID and CPU ID, the existing license will no longer be valid.
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/about-the-vm-series-firewall/upgrade-th
NEW QUESTION 35
Which RQL string using network query attributes returns all traffic destined for Internet or for Suspicious IPs that also exceeds 1GB?
- A. show traffic where destination.network = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
- B. network where publicnetwork = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
- C. network where bytes > 1GB and destination = 'Internet IPs' OR 'Suspicious IPs'
- D. network where dest.publicnetwork IN ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
Answer: D
Explanation:
Explanation
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/rql-examples All network traffic that is greater than 1GB and destined to Internet or Suspicious IPs (allows you to identify data exfiltration attempt on any cloud environment).
network where dest.publicnetwork IN ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000
NEW QUESTION 36
What are three examples of outbound traffic flow? (Choose three.)
- A. Microsoft Windows inside Azure requesting a security patch
- B. issue apt-get install command on an instance inside Amazon Web Services
- C. outgoing Prisma Public Cloud API calls
- D. web server inside Amazon Web Services receiving web requests from internet
- E. issue yum update command on an instance inside Amazon Web Services
Answer: A,B,C
NEW QUESTION 37
What configuration on AWS is required in order for VM-Series to forward traffic between its network interfaces?
- A. Source Check is enabled and Destination Check is disabled
- B. Both Source and Destination Checks are disabled
- C. Source Check is disabled and Destination Check is enabled
- D. Both Source and Destination Checks are enabled
Answer: B
Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/us
NEW QUESTION 38
What is Prisma Public Cloud licensing based on?
- A. number of accounts onboarded
- B. number of alerts generated
- C. volume of flow logs consumed
- D. number of monitored workloads
Answer: D
NEW QUESTION 39
What is required for an EC2 instance to access the internet directly from an AWS VPC?
- A. Customer Gateway
- B. Internet Gateway
- C. Virtual Private Gateway
- D. Transit Gateway
Answer: B
NEW QUESTION 40
Which three requirements are needed to register a PAYG VM-Series NGFW at the Palo Alto Networks Customer Support website? (Choose three.)
- A. License Key
- B. Auth Code
- C. CPU ID
- D. Serial Number
- E. UUID
Answer: B,C,D
NEW QUESTION 41
Prisma Public Cloud enables compliance monitoring and reporting by mapping which configurations to compliance standards?
- A. notification templates
- B. RQL queries
- C. alert rules
- D. policies
Answer: D
NEW QUESTION 42
Amazon Web Services WAF can be enabled on which two resources?(Choose two.)
- A. AWS ALB
- B. AWS CDN
- C. AWS NLB
- D. AWS NAT Gateway
Answer: A,B
NEW QUESTION 43
What is the default capacity license of a VM-Series NGFW being deployed from the Google Cloud Platform Marketplace?
- A. VM-300
- B. VM-100
- C. VM-500
- D. VM-GCP
Answer: A
NEW QUESTION 44
......
Get New PSE-PrismaCloud Certification Practice Test Questions Exam Dumps: https://torrentvce.pass4guide.com/PSE-PrismaCloud-dumps-questions.html