New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

PSE-SoftwareFirewall Palo Alto Networks Systems Engineer (PSE): Software Firewall Professional Questions and Answers

Questions 4

What does the number of required flex credits for a VM-Series firewall depend on?

Options:

A.

IP address allocation

B.

Memory allocation

C.

Network interface allocation

D.

vCPU allocation

Buy Now
Questions 5

Which protocol is used for communicating between VM-Series firewalls and a gateway load balancer in Amazon Web Services (AWS)?

Options:

A.

Geneve

B.

VRLAN

C.

VMLAN

D.

GRE

Buy Now
Questions 6

Which two design options address split brain when configuring high availability (HA)? (Choose two.)

Options:

A.

Bundling multiple interfaces in an aggregated interface group and assigning HA2

B.

Using the heartbeat backup

C.

Sending heartbeats across the HA2 interfaces

D.

Adding a backup HA1 interface

Buy Now
Questions 7

What are two environments supported by the CN-Series firewall? (Choose two.)

Options:

A.

OpenShift

B.

Positive K

C.

Native K8

D.

OpenStack

Buy Now
Questions 8

Which element protects and hides an internal network in an outbound flow?

Options:

A.

DNS sinkholing

B.

NAT

C.

User-ID

D.

App-ID

Buy Now
Questions 9

What Palo Alto Networks software firewall protects Amazon Web Services (AWS) deployments with network security delivered as a managed cloud service?

Options:

A.

Ion-Series Ion-Series

B.

CN-Series

C.

Cloud next-generation firewall (NGFW)

D.

VM-Series

Buy Now
Questions 10

Why are containers uniquely suitable for runtime security based on allow lists?

Options:

A.

Containers have only a few defined processes that should ever be executed.

B.

Docker has a built-in runtime analysis capability to aid in allow listing.

C.

Operations teams know which processes are used within a container.

D.

Developers define the processes used in containers within the Dockerfile.

Buy Now
Questions 11

What is the structure of the YAML Ain't Markup Language (YAML) file repository?

Options:

A.

Environment/Kubernetes/Deployment_Type

B.

Kubernetes/Environment/Deployment_Type

C.

Deployment_Type/Kubernetes/Environment

D.

Kubernetes/Deployment_Type/Environment

Buy Now
Questions 12

Which two mechanisms could trigger a high availability (HA) failover event? (Choose two.)

Options:

A.

Ping monitoring

B.

Link monitoring

C.

Session polling

D.

Heartbeat polling

Buy Now
Questions 13

A customer in a VMware ESXi environment wants to add a VM-Series firewall and partition an existing group of virtual machines (VMs) in the same subnet into two groups. One group requires no additional security, but the second group requires substantially more security.

How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?

Options:

A.

Edit the IP address of all of the affected VMs.

B.

Create a new virtual switch and use the VM-Series firewall to separate virtual switches using virtual wire mode. Then move the guests that require more security into the new virtual switch.

C.

Send the VLAN out of the virtual environment into a hardware Palo Alto Networks firewall in Layer 3 mode. Use the same IP address as the old default gateway, then delete it.

D.

Create a Layer 3 interface in the same subnet as the VMs and then configure proxy Address Resolution Protocol (ARP).

Buy Now
Questions 14

Where do CN-Series devices obtain a VM-Series authorization key?

Options:

A.

Panorama

B.

Local installation

C.

GitHub

D.

Customer Support Portal

Buy Now
Questions 15

What are two requirements for automating service deployment of a VM-Series firewall from an NSX Manager? (Choose two.)

Options:

A.

Panorama has been configured to recognize both the NSX Manager and vCenter.

B.

vCenter has been given Palo Alto Networks subscription licenses for VM-Series firewalls.

C.

The deployed VM-Series firewall can establish communications with Panorama.

D.

Panorama can establish communications to the public Palo Alto Networks update servers.

Buy Now
Questions 16

With which two private cloud environments does Palo Alto Networks have deep integrations? (Choose two.)

Options:

A.

Cisco ACI

B.

VMware NSX-T

C.

Nutanix

D.

Dell APEX

Buy Now
Questions 17

Which two criteria are required to deploy VM-Series firewalls in high availability (HA)? (Choose two.)

Options:

A.

Configuration of asymmetric routing

B.

Assignment of identical licenses and subscriptions

C.

Deployment on a different host

D.

Deployment on same type of hypervisor

Buy Now
Questions 18

What must be enabled when using Terraform templates with a Cloud next-generation firewall (NGFW) for Amazon Web Services (AWS)?

Options:

A.

Access to the Cloud NGFW for AWS console

B.

AWS Firewall Manager console access

C.

AWS CloudWatch logging

D.

Access to the Palo Alto Networks Customer Support Portal

Buy Now
Questions 19

Which two valid components are used in installation of a VM-Series firewall in an OpenStack environment? (Choose two.)

Options:

A.

VM-Series VHD image

B.

OpenStack heat template in JSON format

C.

VM-Series qcow2 image

D.

OpenStack heat template in YAML Ain’t Markup Language (YAML) format

Buy Now
Exam Name: Palo Alto Networks Systems Engineer (PSE): Software Firewall Professional
Last Update: Dec 28, 2024
Questions: 65
PSE-SoftwareFirewall pdf

PSE-SoftwareFirewall PDF

$25.5  $84.99
PSE-SoftwareFirewall Engine

PSE-SoftwareFirewall Testing Engine

$30  $99.99
PSE-SoftwareFirewall PDF + Engine

PSE-SoftwareFirewall PDF + Testing Engine

$40.5  $134.99