Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PSE-Prisma-Pro-24

Free Palo Alto Networks PSE-Prisma-Pro-24 Exam Questions (page: 7)

Page 3 of 16
PDF with 115 Questions

An administrator has deployed an AWS transit gateway and used multiple VPC spokes to segregate a multi-tier application. The administrator also created a security VPC with multiple VM-Series NGFWs in an active/active deployment model via ECMP using Amazon Web Services VPN-based attachments.
What must be configured on the firewall to avoid asymmetric routing?

  1. source address translation
  2. destination address translation
  3. port address translation
  4. source and destination address translation

Answer(s): A



Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance? (Choose two.)

  1. UUID
  2. new Auth Code
  3. CPU ID
  4. API Key

Answer(s): B,D

Explanation:

In a public cloud deployment, if your firewall is licensed with the BYOL option, you must Deactivate VM before you change the instance type or VM type and apply the license again on the firewall after you complete the model or instance upgrade.
When you change the instance type, because the firewall has a new UUID and CPU ID, the existing license will no longer be valid. https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/about-the-vm-series- firewall/upgrade-the-vm-series-firewall/upgrade-the-vm-series-model



can you create a custom compliance standard in Prisma Public Cloud?

  1. Generate a new Compliance Report.
  2. Create compliance framework in a spreadsheet then import into Prisma Public Cloud.
  3. From Compliance tab, clone a default framework and customize.
  4. From Compliance tab > Compliance Standards, click "Add New."

Answer(s): D

Explanation:

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud- compliance/create-a-custom-compliance-standard



Which three types of security checks can Prisma Public Cloud perform? (Choose three.)

  1. compliance where
  2. network where
  3. user where
  4. config where
  5. event where

Answer(s): B,D,E



Prisma Public Cloud enables compliance monitoring and reporting by mapping which configurations to compliance standards?

  1. RQL queries
  2. alert rules
  3. notification templates
  4. policies

Answer(s): D



What configuration on AWS is required in order for VM-Series to forward traffic between its network interfaces?

  1. Both Source and Destination Checks are disabled
  2. Both Source and Destination Checks are enabled
  3. Source Check is disabled and Destination Check is enabled
  4. Source Check is enabled and Destination Check is disabled

Answer(s): A

Explanation:

https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series- firewall-on-aws/use-case-secure-the-ec2-instances-in-the-aws-cloud



In which two ways does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies? (Choose two.)

  1. fully instrumented API
  2. Aperture Orchestration Engine
  3. VM Orchestration Policy Editor
  4. support for Dynamic Address Groups

Answer(s): A,D



Which change represents a VM-Series NGFW license transfer?

  1. VM-100 BYOL on Microsoft Azure to VM-100 BYOL on Amazon Web Services
  2. VM-300 BYOL on Microsoft Azure to VM-300 PAY6 on Amazon Web Services
  3. VM-100 BYOL on Microsoft Azure to VM-300 BYOL on Microsoft Azure
  4. VM-100 BYOL on Microsoft Azure to VM-300 PAYG on Amazon Web Services

Answer(s): C



Viewing page 7 of 16
Viewing questions 49 - 56 out of 115 questions



Post your Comments and Discuss Palo Alto Networks PSE-Prisma-Pro-24 exam prep with other Community members:

PSE-Prisma-Pro-24 Exam Discussions & Posts