We're so confident of our products that we provide no hassle product exchange.
Palo Alto Networks Systems Engineer (PSE) - Strata Associate Sample Questions:
1. A Human Resources (HR) application has the URL of https://hr.company.com:4433/.
How should the "Service" column of the Security policy be set to match and permit this application?
A) Set to "application-defaults," which will locate and match the HR application.
B) Edit "service-https" to use port 4433.
C) Define and then select a new custom Transmission Control Protocol (TCP) service with port 4433.
D) Set to "service-http".
2. To use App-ID effectively in Security policies, which three best practices should be followed? (Choose three.) Select 3 Correct Responses
A) Use Policy Optimizer to migrate to an application-based policy.
B) Use Expedition to migrate a port-based policy to PAN-OS.
C) Whenever possible, enable App-ID override.
D) Use phased transition to safely enable applications.
E) After the application is specified in policy, set the 7 service to "any".
3. Which of the following is an appropriate first step for a customer interested in moving to Zero Trust?
A) Secure the funding required to incorporate the new architecture into their existing networks.
B) Set priorities by identifying the most valuable and critical assets and data on their networks.
C) Ask administrators to switch on the Zero Trust options and features of their current products.
D) Request a statement of compliance from their IT vendors against the Zero Trust standard.
4. An administrator wants to deploy a pair of firewalls in an active/active high availability (HA) architecture.
Which two deployment types are supported in this circumstance? (Choose two.) Select 2 Correct Responses
A) Virtual Wire
B) TAP mode
C) Layer 3
D) Layer 2
Solutions:
| Question # 1 Answer: C | Question # 2 Answer: A,B,D | Question # 3 Answer: D | Question # 4 Answer: A,C |
By John
