palo alto networks pse-sase practice test

Palo Alto Networks System Engineer Professional - SASE

Last exam update: Feb 21 ,2024
Page 1 out of 6. Viewing questions 1-10 out of 54

Question 1

Which App Response Time metric is the measure of network latency?

  • A. Round Trip Time (RTT)
  • B. Server Response Time (SRT)
  • C. Network Transfer Time (NTTn)
  • D. UDP Response Time (UDP-TRT)
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

What allows enforcement of policies based on business intent, enables dynamic path selection, and provides visibility into performance and availability for applications and networks?

  • A. Identity Access Management (IAM) methods
  • B. Firewall as a Service (FWaaS)
  • C. Instant-On Network (ION) devices
  • D. Cloud Access Security Broker (CASB)
Answer:

b

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

In which step of the Five-Step Methodology for implementing the Zero Trust model is the Kipling Method relevant?

  • A. Step 3: Architect a Zero Trust network
  • B. Step 5: Monitor and maintain the network
  • C. Step 4: Create the Zero Trust policy
  • D. Step 2: Map the transaction flows
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which two statements apply to features of aggregate bandwidth allocation in Prisma Access for remote networks? (Choose two.)

  • A. Administrator can allocate up to 120% of the total bandwidth purchased for aggregate locations to support traffic peaks.
  • B. Administrator must assign a minimum of 50 MB to any compute location that will support remote networks.
  • C. Administrator is not required to allocate all purchased bandwidth to compute locations for the configuration to be valid.
  • D. Bandwidth that is allocated to a compute location is statically and evenly distributed across remote networks in that location.
Answer:

ac

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

How does the secure access service edge (SASE) security model provide cost savings to organizations?

  • A. The single platform reduces costs compared to buying and managing multiple point products.
  • B. The compact size of the components involved reduces overhead costs, as less physical space is needed.
  • C. The content inspection integration allows third-party assessment, which reduces the cost of contract services.
  • D. The increased complexity of the model over previous products reduces IT team staffing costs.
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Which statement applies to Prisma Access licensing?

  • A. Internet of Things (IOT) Security is included with each license.
  • B. It provides cloud-based, centralized log storage and aggregation.
  • C. It is a perpetual license required to enable support for multiple virtual systems on PA-3200 Series firewalls.
  • D. For remote network and Clean Pipe deployments, a unit is defined as 1 Mbps of bandwidth.
Answer:

d

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which two key benefits have been identified for a customer investing in the Palo Alto Networks Prisma secure access service edge (SASE) solution? (Choose two.)

  • A. decreased likelihood of a data breach
  • B. reduced input required from management during third-party investigations
  • C. decreased need for interaction between branches
  • D. reduced number of security incidents requiring manual investigation
Answer:

bd

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

What are two benefits provided to an organization using a secure web gateway (SWG)? (Choose two.)

  • A. VPNs remain connected, reducing user risk exposure.
  • B. Security policies for making internet access safer are enforced.
  • C. Access to inappropriate websites or content is blocked based on acceptable use policies.
  • D. An encrypted challenge-response mechanism obtains user credentials from the browser.
Answer:

bc

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which action protects against port scans from the internet?

  • A. Apply App-ID Security policy rules to block traffic sourcing from the untrust zone.
  • B. Assign Security profiles to Security policy rules for traffic sourcing from the untrust zone.
  • C. Apply a Zone Protection profile on the zone of the ingress interface.
  • D. Assign an Interface Management profile to the zone of the ingress surface.
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

In an SD-WAN deployment, what allows customers to modify resources in an automated fashion instead of logging on to a central controller or using command-line interface (CLI) to manage all their configurations?

  • A. dynamic user group (DUG)
  • B. DNS server
  • C. application programming interface (API)
  • D. WildFire
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2