
Get 2024 Updated Free Palo Alto Networks PSE-SASE Exam Questions and Answer
PSE-SASE Dumps PDF and Test Engine Exam Questions
NEW QUESTION # 15
What is a benefit of deploying secure access service edge (SASE) with a secure web gateway (SWG) over a SASE solution without a SWG?
- A. It creates tunnels that allow users and systems to connect securely over a public network as if they were connecting over a local area network (LAN).
- B. Protection is offered in the cloud through a unified platform for complete visibility and precise control over web access while enforcing security policies that protect users from hostile websites.
- C. It prepares the keys and certificates required for decryption, creating decryption profiles and policies, and configuring decryption port mirroring.
- D. A heartbeat connection between the firewall peers ensures seamless failover in the event that a peer goes down.
Answer: B
NEW QUESTION # 16
Which action protects against port scans from the internet?
- A. Assign Security profiles to Security policy rules for traffic sourcing from the untrust zone.
- B. Assign an Interface Management profile to the zone of the ingress surface.
- C. Apply App-ID Security policy rules to block traffic sourcing from the untrust zone.
- D. Apply a Zone Protection profile on the zone of the ingress interface.
Answer: D
NEW QUESTION # 17
What are three ways the secure access service edge (SASE) model can help an organization? (Choose three.)
- A. decreased reliance on best practices
- B. data protection
- C. increased licensing requirements
- D. increased performance
- E. cost savings
Answer: B,D,E
NEW QUESTION # 18
Which two prerequisites must an environment meet to onboard Prisma Access mobile users? (Choose two.)
- A. Mapping of trust and untrust zones must be configured.
- B. Mobile user subnet and DNS portal name must be configured.
- C. Zoning must be configured to require a user ID for the mobile users trust zone.
- D. BGP must be configured so that service connection networks can be advertised to the mobile gateways.
Answer: B,C
NEW QUESTION # 19
Which statement describes the data loss prevention (DLP) add-on?
- A. It prevents phishing attacks by controlling the sites to which users can submit valid corporate credentials.
- B. It is a centrally delivered cloud service with unified detection policies that can be embedded in existing control points.
- C. It enables data sharing with third-party tools such as security information and event management (SIEM) systems.
- D. It employs automated policy enforcement to allow trusted behavior with a new Device-ID policy construct.
Answer: B
NEW QUESTION # 20
How does Autonomous Digital Experience Management (ADEM) improve user experience?
- A. The root cause of any alert can be viewed with a single click, allowing users to swiftly stop attacks across the environment.
- B. It applies in-depth hunting and forensics knowledge to identify and contain threats before they become a breach.
- C. Working from home or branch offices, all users get the benefit of a digital experience management solution without the complexity of installing additional software and hardware.
- D. The virtual appliance receives and stores firewall logs without using a local Log Collector, simplifying required steps users must take.
Answer: C
NEW QUESTION # 21
Which two services are provided by Prisma Access Insights? (Choose two.)
- A. detection of hard-to-find security issues via AI-based innovations to normalize, analyze, and stitch together an enterprise's data
- B. configuration of the on-premises firewall located behind the service-connection termination
- C. summary overview screen of the health and performance of an organization's entire Prisma Access environment
- D. multiple dashboards for focused views of different deployments, the corresponding alerts, and the health status of the infrastructure
Answer: C,D
NEW QUESTION # 22
Which two services are part of the Palo Alto Networks cloud-delivered security services (CDSS) package?
(Choose two.)
- A. Advanced URL Filtering (AURLF)
- B. security information and event management (SIEM)
- C. virtual desktop infrastructure (VDI)
- D. Internet of Things (IoT) Security
Answer: A,D
NEW QUESTION # 23
What is a benefit of a cloud-based secure access service edge (SASE) infrastructure over a Zero Trust Network Access (ZTNA) product based on a software-defined perimeter (SDP) model?
- A. Connection to physical SD-WAN hubs in ther locations provides increased interconnectivity between branch offices.
- B. Users, devices, and apps are identified no matter where they connect from.
- C. Complexity of connecting to a gateway is increased, providing additional protection.
- D. Virtual private network (VPN) services are used for remote access to the internal data center, but not the cloud.
Answer: B
NEW QUESTION # 24
Which App Response Time metric is the measure of network latency?
- A. Round Trip Time (RTT)
- B. Network Transfer Time (NTTn)
- C. UDP Response Time (UDP-TRT)
- D. Server Response Time (SRT)
Answer: A
NEW QUESTION # 25
Which two key benefits have been identified for a customer investing in the Palo Alto Networks Prisma secure access service edge (SASE) solution? (Choose two.)
- A. reduced input required from management during third-party investigations
- B. decreased likelihood of a data breach
- C. reduced number of security incidents requiring manual investigation
- D. decreased need for interaction between branches
Answer: A,C
NEW QUESTION # 26
Which product draws on data collected through PAN-OS device telemetry to provide an overview of the health of an organization's next-generation firewall (NGFW) deployment and identify areas for improvement?
- A. Cloud Identity Engine (CIE)
- B. Device Insights
- C. DNS Security
- D. security information and event management (SIEM)
Answer: B
NEW QUESTION # 27
What can prevent users from unknowingly downloading potentially malicious file types from the internet?
- A. Apply a Zone Protection profile to the untrust zone.
- B. Apply a File Blocking profile to Security policy rules that allow general web access.
- C. Assign a Vulnerability profile to Security policy rules that deny general web access.
- D. Assign an Antivirus profile to Security policy rules that deny general web access.
Answer: B
NEW QUESTION # 28
The Cortex Data Lake sizing calculator for Prisma Access requires which three values as inputs? (Choose three.)
- A. number of mobile users purchased
- B. number of log-forwarding destinations
- C. retention period for the logs to be stored
- D. throughput of remote networks purchased
- E. cloud-managed or Panorama-managed deployment
Answer: A,C,D
NEW QUESTION # 29
A customer currently has 150 Mbps of capacity at a site. Records show that, on average, a total of 30 Mbps of bandwidth is used for the two links.
What is the appropriate Prisma SD-WAN license for this site?
- A. 50 Mbps
- B. 25 Mbps
- C. 175 Mbps
- D. 250 Mbps
Answer: A
NEW QUESTION # 30
Which type of access allows unmanaged endpoints to access secured on-premises applications?
- A. manual external gateway
- B. Prisma Access Clientless VPN
- C. GlobalProtect VPN for remote access
- D. secure web gateway (SWG)
Answer: B
NEW QUESTION # 31
Which two point products are consolidated into the Prisma secure access service edge (SASE) platform?
(Choose two.)
- A. Threat Intelligence Platform (TIP)
- B. security information and event management (SIEM)
- C. firewall as a service (FWaaS)
- D. Autonomous Digital Experience Management (ADEM)
Answer: C,D
NEW QUESTION # 32
......
Verified PSE-SASE exam dumps Q&As with Correct 67 Questions and Answers: https://www.validvce.com/PSE-SASE-exam-collection.html
Get New PSE-SASE Certification – Valid Exam Dumps Questions: https://drive.google.com/open?id=1iirsLi2bYiVJ4r5buUWXm5RPUlXW6mzU
