← Back to exam page

PSE-Strata Palo Alto Networks System Engineer Professional - Strata

Loading demo links...

Showing 7–9 of 10 questions

Question 7

A customer with a legacy firewall architecture is focused on port and protocol level security, and has heard that next generation firewalls open all ports by default.

What is the appropriate rebuttal that positions the value of a NGFW over a legacy firewall?

Select an option, then click Submit answer.

  • Palo Alto Networks does not consider port information, instead relying on App-ID signatures that do not reference ports

  • Default policies block all interzone traffic. Palo Alto Networks empowers you to control applications by default ports or a configurable list of approved ports on a per-policy basis

  • Palo Alto Networks keep ports closed by default, only opening ports after understanding the application request, and then opening only the application-specified ports

  • Palo Alto Networks NGFW protects all applications on all ports while leaving all ports opened by default
Question 8

What action would address the sub-optimal traffic path shown in the figure?

Key:

RN - Remote Network

SC - Service Connection

MU GW - Mobile User Gateway

Select an option, then click Submit answer.

  • Onboard a Service Connection in the Americas region

  • Remove the Service Connection in the EMEA region

  • Onboard a Service Connection in the APAC region

  • Onboard a Remote Network location in the EMEA region
Question 9

The WildFire Inline Machine Learning is configured using which Content-ID profiles?

Select an option, then click Submit answer.

  • Antivirus Profile

  • WildFire Analysis Profile

  • Threat Prevention Profile

  • File Blocking Profile