Palo Alto Networks System Engineer Professional - SASE
Last exam update: May 13 ,2024
Page 1 out of 6. Viewing questions 1-10 out of 54
Question 1
Which App Response Time metric is the measure of network latency?
A. Round Trip Time (RTT)
B. Server Response Time (SRT)
C. Network Transfer Time (NTTn)
D. UDP Response Time (UDP-TRT)
Answer:
a
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 2
What allows enforcement of policies based on business intent, enables dynamic path selection, and provides visibility into performance and availability for applications and networks?
A. Identity Access Management (IAM) methods
B. Firewall as a Service (FWaaS)
C. Instant-On Network (ION) devices
D. Cloud Access Security Broker (CASB)
Answer:
b
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 3
In which step of the Five-Step Methodology for implementing the Zero Trust model is the Kipling Method relevant?
A. Step 3: Architect a Zero Trust network
B. Step 5: Monitor and maintain the network
C. Step 4: Create the Zero Trust policy
D. Step 2: Map the transaction flows
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 4
Which two statements apply to features of aggregate bandwidth allocation in Prisma Access for remote networks? (Choose two.)
A. Administrator can allocate up to 120% of the total bandwidth purchased for aggregate locations to support traffic peaks.
B. Administrator must assign a minimum of 50 MB to any compute location that will support remote networks.
C. Administrator is not required to allocate all purchased bandwidth to compute locations for the configuration to be valid.
D. Bandwidth that is allocated to a compute location is statically and evenly distributed across remote networks in that location.
Answer:
ac
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 5
How does the secure access service edge (SASE) security model provide cost savings to organizations?
A. The single platform reduces costs compared to buying and managing multiple point products.
B. The compact size of the components involved reduces overhead costs, as less physical space is needed.
C. The content inspection integration allows third-party assessment, which reduces the cost of contract services.
D. The increased complexity of the model over previous products reduces IT team staffing costs.
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 6
Which statement applies to Prisma Access licensing?
A. Internet of Things (IOT) Security is included with each license.
B. It provides cloud-based, centralized log storage and aggregation.
C. It is a perpetual license required to enable support for multiple virtual systems on PA-3200 Series firewalls.
D. For remote network and Clean Pipe deployments, a unit is defined as 1 Mbps of bandwidth.
Answer:
d
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 7
Which two key benefits have been identified for a customer investing in the Palo Alto Networks Prisma secure access service edge (SASE) solution? (Choose two.)
A. decreased likelihood of a data breach
B. reduced input required from management during third-party investigations
C. decreased need for interaction between branches
D. reduced number of security incidents requiring manual investigation
Answer:
bd
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 8
What are two benefits provided to an organization using a secure web gateway (SWG)? (Choose two.)
A. VPNs remain connected, reducing user risk exposure.
B. Security policies for making internet access safer are enforced.
C. Access to inappropriate websites or content is blocked based on acceptable use policies.
D. An encrypted challenge-response mechanism obtains user credentials from the browser.
Answer:
bc
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 9
Which action protects against port scans from the internet?
A. Apply App-ID Security policy rules to block traffic sourcing from the untrust zone.
B. Assign Security profiles to Security policy rules for traffic sourcing from the untrust zone.
C. Apply a Zone Protection profile on the zone of the ingress interface.
D. Assign an Interface Management profile to the zone of the ingress surface.
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 10
In an SD-WAN deployment, what allows customers to modify resources in an automated fashion instead of logging on to a central controller or using command-line interface (CLI) to manage all their configurations?