New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Paloalto Networks PSE-StrataDC Palo Alto Networks System Engineer Professional - Strata Data Center Exam Practice Test

Page: 1 / 6
Total 60 questions

Palo Alto Networks System Engineer Professional - Strata Data Center Questions and Answers

Question 1

A customer wants to completely segment their internal networks They have Cisco switches and extensively use 10Gbps interfaces. They are running VMware ESXi and are considering implementing NSX. Which three Palo Alto Networks firewall models will support this deployment? (Choose three.)

Options:

A.

PA-3050

B.

VM-100

C.

VM-300

D.

PA-3250

E.

PA-7050

Question 2

In a VMware deployment, in order for the customer to get maximum performance out of a VM-700 firewall in PAN-OS 8 x how many virtual CPU cores can be used?

Options:

A.

8

B.

3

C.

32

D.

16

Question 3

In PAN-OS, which three NSX features can be pushed from Panorama? (Choose three )

Options:

A.

user IP mappings

B.

steering rules

C.

multiple authorization codes

D.

security group assignments of VMs

E.

security groups

Question 4

How do Palo Alto Networks NGFWs integrate with an ACI architecture?

Options:

A.

SDN code hooks can help to detonate malicious file samples designed to detect virtual environments

B.

Traffic can be automatically redirected using static Address objects.

C.

VXLAN or NVGRE traffic is terminated and inspected for translation to VLANs.

D.

Controllers can program firewalls using a REST-based API.

Question 5

In the following scenario, Route-based firewall redundancy is deployed in a Data Center, which statement is true?

Question # 5

Options:

A.

IP addresses of Firewall interfaces will move between devices when a firewall fails

B.

The 2 firewalls are in Active-Standby HA status

C.

Firewalls use dynamic routing protocols to determine the best path

D.

Floating IP addresses are necessary for HA configuration

Question 6

How does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies on demand? (Choose two.)

Options:

A.

Aperture Orchestration Engine (AOE)

B.

Support for Dynamic Address Groups

C.

Fully instrumented API

D.

VM Orchestration Policy Editor

Question 7

When would a PA-7000 Series NPC GQXM Card be preferable to a PA-7000 Series NPC GQ Card?

Options:

A.

When the organization requires a greater number of sessions

B.

When the environment has a need for more SFP+ interfaces

C.

When the organization requires gear with a smaller slot size.

D.

When the environment has a need for more policy rules.

Question 8

What are two types of security that can be implemented across every phase of the Build, Ship, and Run lifecycle of a workload? (Choose two )

Options:

A.

Runtime Security

B.

Firewalling

C.

Vulnerability Management

D.

Compliance or Configuration Management

Question 9

What are the differences between Prisma Cloud Enterprise and Prisma Cloud Compute

Options:

A.

The only difference is in the architecture - where the Console is hosted

B.

Prisma Cloud Compute offers lowered runtime defensive capabilities because there is no PANW cloud hosted component.

C.

Prisma Cloud Enterprise does not offer workload protection.

D.

Only Prisma Cloud Compute offers API based cloud protection.

Page: 1 / 6
Total 60 questions