palo alto networks pse-strata practice test

Palo Alto Networks System Engineer Professional - Strata

Last exam update: Nov 07 ,2025
Page 1 out of 10. Viewing questions 1-10 out of 91

Question 1

Which three settings must be configured to enable Credential Phishing Prevention? (Choose three.)

  • A. validate credential submission detection
  • B. enable User-ID
  • C. define an SSL decryption rulebase
  • D. define URL Filtering Profile
  • E. Enable App-ID
Mark Question:
Answer:

abd


Reference:
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/threat-prevention/prevent-credential-phishing.html

User Votes:
A
50%
B 1 votes
50%
C 1 votes
50%
D 1 votes
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000
sknathan1974
1 year, 3 months ago

https://docs.paloaltonetworks.com/advanced-url-filtering/administration/url-filtering-features/credential-phishing-prevention/set-up-credential-phishing-prevention#idfd42ebad-d0fc-415a-aadc-e222fc2beb80

0

Question 2

In an HA pair running Active/Passive mode, over which interface do the dataplanes communicate?

  • A. HA3
  • B. HA1
  • C. HA2
  • D. HA4
Mark Question:
Answer:

c


Reference:
https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/high-availability-for-vm-series-firewall-on- aws/configure-activepassive-ha-on-aws.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Palo Alto Networks publishes updated Command-and-Control signatures.
How frequently should the related signatures schedule be set?

  • A. Once an hour
  • B. Once a day
  • C. Once a week
  • D. Once every minute
Mark Question:
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which three features are used to prevent abuse of stolen credentials? (Choose three.)

  • A. multi-factor authentication
  • B. URL Filtering Profiles
  • C. WildFire Profiles
  • D. Prisma Access
  • E. SSL decryption rules
Mark Question:
Answer:

ace


Reference:
https://www.paloaltonetworks.com/company/press/2017/palo-alto-networks-delivers-industry-first-capabilities-to-prevent-credential-theft-and-abuse

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 5

What aspect of PAN-OS allows for the NGFW admin to create a policy that provides auto-remediation for anomalous user behavior and malicious activity while maintaining user visibility?

  • A. Remote Device UserID Agent
  • B. user-to-tag mapping
  • C. Dynamic User Groups
  • D. Dynamic Address Groups
Mark Question:
Answer:

c


Reference:
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamic-user-groups

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

In which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data applications assets, and services (DAAS) be identified?

  • A. Step 2: Map the transaction flows
  • B. Step 4: Create the Zero Trust policy
  • C. Step 1: Define the protect surface
  • D. Step 3: Architect a Zero Trust network
Mark Question:
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

A customer is designing a private data center to host their new web application along with a separate headquarters for users.
Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?

  • A. WildFire
  • B. Threat Prevention
  • C. Advanced URL Filtering (AURLF)
  • D. DNS Security
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which two of the following does decryption broker provide on a NGFW? (Choose two.)

  • A. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic only once
  • B. Eliminates the need for a third party SSL decryption option which allows you to reduce the total number of third party devices performing analysis and enforcement
  • C. Provides a third party SSL decryption option which allows you to increase the total number of third party devices performing analysis and enforcement
  • D. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic multiple times
Mark Question:
Answer:

ab


Reference:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/decryption/decryption-broker.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which two features are key in preventing unknown targeted attacks? (Choose two.)

  • A. Single Pass Parallel Processing (SP3)
  • B. nightly botnet report
  • C. App-ID with the Zero Trust model
  • D. WildFire Cloud threat analysis
Mark Question:
Answer:

bd

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

A customer is concerned about zero-day targeted attacks against its intellectual property.
Which solution informs a customer whether an attack is specifically targeted at them?

  • A. Cortex XDR Prevent
  • B. AutoFocus
  • C. Cortex XSOAR Community edition
  • D. Panorama Correlation Report
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2