CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PSE-PRISMACLOUD

Free PSE-PRISMACLOUD Exam Braindumps (page: 3)

Page 2 of 30
PDF with 115 Questions

Palo Alto Networks recommends which two options for outbound HA design in Amazon Web Services using VM-Series NGFW? (Choose two.)

  1. iLB-as-next-hop
  2. transit gateway and security VPC with VM-Series
  3. traditional active/standby HA on VM-Series
  4. transit VPC and security VPC with VM-Series

Answer(s): B,C



Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

  1. Excessive login failures
  2. Unusual user activity
  3. Denial-of-service activity
  4. Account hijacking attempts
  5. Suspicious file activity

Answer(s): A,B,D

Explanation:

Account hijacking attempts
--Detect potential account hijacking attempts discovered by identifying unusual login activities. These can happen if there are concurrent login attempts made in short duration from two different geographic locations, which is impossible time travel
, or login from a previously unknown browser, operating system, or location.
Excessive login failures
--Detect potential account hijacking attempts discovered by identifying brute force login attempts. Excessive login failure attempts are evaluated dynamically based on the models observed with continuous learning.
Unusual user activity
--Discover insider threat and an account compromise using advanced data science. The Prisma Cloud machine learning algorithm profiles a user's activities on the console, as well as the usage of access keys based on the location and the type of cloud resources.

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud- policies/anomaly-policies.html



An administrator deploys a VM-Series firewall into Amazon Web Services.
Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?

  1. security group
  2. tags
  3. elastic ip address
  4. source/destination checking

Answer(s): D

Explanation:

https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series- firewall-on-aws/deploy-the-vm-series-firewall-on-aws/launch-the-vm-series-firewall-on-aws.html



Which Google Cloud Platform project shares its VPC networks with other projects?

  1. Service project
  2. Host project
  3. Admin project
  4. Subscribing project

Answer(s): B

Explanation:

Create a shared VPC using the Trust VPC created when you deployed the firewall template. Set up a shared VPC for the host (firewall) project:
gcloud compute shared-vpc enable HOST_PROJECT_ID

https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series- firewall-on-google-cloud-platform/autoscaling-on-google-cloud-platform/deploy-autoscaling-on- google-cloud.html






Post your Comments and Discuss Palo Alto Networks PSE-PRISMACLOUD exam with other Community members:

PSE-PRISMACLOUD Exam Discussions & Posts