[2022] PSE-PrismaCloud.pdf - Questions Answers PDF Sample Questions Reliable
Palo Alto Networks PSE-PrismaCloud Dumps PDF Are going to be The Best Score
Palo Alto Networks PSE-PrismaCloud Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
NEW QUESTION 32
What is a permanent public IP called on Amazon Web Services?
- A. PIP
- B. Floating IP
- C. Reserved IP
- D. EIP
Answer: D
NEW QUESTION 33
A customer CSO has asked you to demonstrate how to identify all "Amazon RDS" resources deployed and the region that they are deployed in. What are two ways that Prisma Public Cloud can show the relevant information?(Choose two.)
- A. Write an RQL query from the "Investigate" tab.
- B. Generate a compliance report from the Compliance dashboard
- C. Configure an Inventory report from the "Alerts" tab
- D. Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.
Answer: B,D
NEW QUESTION 34
Based on the diagram, how many routes will the virtual gateway advertise to the on-premises NGFW over the Amazon Web Services Direct Connect link?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B
NEW QUESTION 35
Which three types of security checks can Prisma Public Cloud perform? (Choose three.)
- A. event where
- B. compliance where
- C. user where
- D. network where
- E. config where
Answer: A,D,E
NEW QUESTION 36
When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)
- A. Group14 / SHA-256 / AES-256-CBC / IKE-V1
- B. Group2 / SHA-1 / AES-128-CBC
- C. Group2 / SHA-1 / AES-128-CBC / IKE-V1
- D. Group2 / SHA-1 / AES-128-GCM / IKE-V1
- E. Group14 / SHA-256 / AES-256-GCM / IKE-V1
Answer: B,D,E
NEW QUESTION 37
A client has a sensitive internet-facing application server in Microsoft Azure and is concerned about resource exhaustion because of distributed denial-of-service attacks What can be configured on the VM-Series firewall to specifically protect this server against this type of attack?
- A. Custom threat signature
- B. DoS Protection Profile with specific session counts
- C. QoS Profile to limit incoming requests
- D. Zone Protection Profile
Answer: D
NEW QUESTION 38
Which RQL string returns a list of all Azure virtual machines that are not currently running?
- A. config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"
- B. config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'
- C. config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"
- D. config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"
Answer: D
NEW QUESTION 39
Which Amazon Web Services security service can provide host vulnerability information to Prisma Public Cloud?
- A. Shield
- B. Inspector
- C. GuardDuty
- D. Amazon Web Services WAF
Answer: C
Explanation:
Explanation
http://www.paloguard.com/datasheets/prisma-cloud-on-aws.pdf
NEW QUESTION 40
Match the logging service with its cloud provider.
Answer:
Explanation:
NEW QUESTION 41
Match the query type with its corresponding search
Answer:
Explanation:
Explanation
network where,
event where,
config where
NEW QUESTION 42
How does a customer that has deployed a VM-Series NGFW on Microsoft Azure using a BYOL license change to a PAYG license structure?
- A. purchase a new PAYG license from a reseller
- B. launch a new VM using the PAYG image
- C. purchase a new PAYG license for Microsoft Azure from Palo Alto Networks
- D. go to Palo Alto Networks Support website to change the BYOL license to a PAYG license
Answer: D
NEW QUESTION 43
An administrator deploys a VM-Series firewall into Amazon Web Services. Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?
- A. source/destination checking
- B. tags
- C. security group
- D. elastic ip address
Answer: A
Explanation:
Explanation
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/de
NEW QUESTION 44
Which RQL string searches for all EBS volumes that do not have a "DataClassification" tag?
- A. config where api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key = 1
- B. config where api.name = 'aws-ec2-describe-volumes, AND json.rule = tags[*]key contains DataClassification
- C. config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*]key != DataClassification
- D. config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*].key exists
Answer: C
NEW QUESTION 45
Which three methods can provide application-level security for a web server instance on Amazon Web Services? (Choose three.)
- A. Traps
- B. Prisma SaaS
- C. VM-Series firewalls
- D. Amazon Web Services WAF
- E. Security Groups
Answer: A,C,D
NEW QUESTION 46
Which Amazon Web Services security service can provide host vulnerability information to Prisma Public Cloud?
- A. Shield
- B. Inspector
- C. GuardDuty
- D. Amazon Web Services WAF
Answer: B
NEW QUESTION 47
Which three services can Google Cloud Security Scanner assess? (Choose three.)
- A. Google Kubernetes Engine
- B. BigQuery
- C. Google Virtual Private Cloud
- D. Compute Engine
- E. App Engine
Answer: A,D,E
NEW QUESTION 48
......
Use PSE-PrismaCloud Exam Dumps (2022 PDF Dumps) To Have Reliable PSE-PrismaCloud Test Engine: https://passleader.testpassking.com/PSE-PrismaCloud-exam-testking-pass.html