Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PSE-Prisma-Pro-24

Free Palo Alto Networks PSE-Prisma-Pro-24 Exam Questions (page: 2)

Page 2 of 16
PDF with 115 Questions

Which configuration needs to be done to perform user entity behavior analysis with Prisma Public Cloud?

  1. Create alert rules.
  2. Whitelist IP addresses.
  3. Configure User-ID.
  4. Define enterprise settings.

Answer(s): D



Which two cloud providers support Load Balancers as next hop configurations for outbound connections? (Choose two.)

  1. Google Cloud Platform
  2. Microsoft Azure
  3. Oracle Cloud
  4. Amazon Web Services

Answer(s): A,B



DRAG DROP (Drag and Drop is not supported)
Match the query type with its corresponding search

  1. See Explanation for the Answer.

Answer(s): A

Explanation:

network where,
event where,
config where



Which RQL string returns a list of all Azure virtual machines that are not currently running?

  1. config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'
  2. config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"
  3. config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"
  4. config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"

Answer(s): B



Palo Alto Networks recommends which two options for outbound HA design in Amazon Web Services using VM-Series NGFW? (Choose two.)

  1. iLB-as-next-hop
  2. transit gateway and security VPC with VM-Series
  3. traditional active/standby HA on VM-Series
  4. transit VPC and security VPC with VM-Series

Answer(s): B,C



Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

  1. Excessive login failures
  2. Unusual user activity
  3. Denial-of-service activity
  4. Account hijacking attempts
  5. Suspicious file activity

Answer(s): A,B,D

Explanation:

Account hijacking attempts
--Detect potential account hijacking attempts discovered by identifying unusual login activities. These can happen if there are concurrent login attempts made in short duration from two different geographic locations, which is impossible time travel
, or login from a previously unknown browser, operating system, or location.
Excessive login failures
--Detect potential account hijacking attempts discovered by identifying brute force login attempts. Excessive login failure attempts are evaluated dynamically based on the models observed with continuous learning.

Unusual user activity
--Discover insider threat and an account compromise using advanced data science. The Prisma Cloud machine learning algorithm profiles a user's activities on the console, as well as the usage of access keys based on the location and the type of cloud resources. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud- policies/anomaly-policies.html



An administrator deploys a VM-Series firewall into Amazon Web Services.
Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?

  1. security group
  2. tags
  3. elastic ip address
  4. source/destination checking

Answer(s): D

Explanation:

https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series- firewall-on-aws/deploy-the-vm-series-firewall-on-aws/launch-the-vm-series-firewall-on-aws.html



Which Google Cloud Platform project shares its VPC networks with other projects?

  1. Service project
  2. Host project
  3. Admin project
  4. Subscribing project

Answer(s): B

Explanation:

Create a shared VPC using the Trust VPC created when you deployed the firewall template. Set up a shared VPC for the host (firewall) project:
gcloud compute shared-vpc enable HOST_PROJECT_ID

https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series- firewall-on-google-cloud-platform/autoscaling-on-google-cloud-platform/deploy-autoscaling-on- google-cloud.html



Viewing page 2 of 16



Post your Comments and Discuss Palo Alto Networks PSE-Prisma-Pro-24 exam prep with other Community members:

PSE-Prisma-Pro-24 Exam Discussions & Posts