11/27/2018 Realize Your Potential: paloaltonetworks

Test - Palo Alto Networks Accredited Systems Engineer (PSE): Foundation Accreditation Exam

PSE: Foundation

Question 1 of 20.
Which three technologies are part of Palo Alto Networks next-generation firewall? (Choose three.)

Unified Threat Management

App-ID
Malware-ID
Decryption-ID
Content-ID
User-ID

Mark for follow up

Question 2 of 20.

The VM-Series firewalls support which five environments? (Choose five.)

AWS
Google Cloud Platform
VMware ESXi
Citrix XenServer
Azure
Linux VServer
VMware NSX

Mark for follow up

Question 3 of 20.

Which type of security does Aperture provide?

shows which users are running which applications, and provides a method for controlling application access by user
simplifies workflows to create and enforce new application controls, and analyzes critical threat events for those applications
provides visibility into recently occurring threats, and shows how to block those threats
allows you to connect directly to SaaS applications to provide data classification and threat detection to secure and manage sanctioned applications
serves as a policy enhancement on the Palo Alto Networks firewall that provides visibility into applications and control of those applications

Mark for follow up

Question 4 of 20.
Which three features would prevent a successful attempt during the exfiltration stage of the attack chain? (Choose three.)

GlobalProtect
file blocking
URL filtering
WildFire®
DNS monitoring and sinkholing

Mark for follow up

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 1/5
11/27/2018 Realize Your Potential: paloaltonetworks
Question 5 of 20.
How can you extend WildFire® analysis resources to a WildFire hybrid cloud?

Configure a WildFire private cloud to forward files directly to the WildFire hybrid cloud for analysis of less sensitive or unsupported file types.
Configure the firewall to continue to forward sensitive files to your WildFire private cloud for Local Analysis and to forward less sensitive or
unsupported file types to the WildFire public cloud.
Combine the WildFire public cloud with the Traps Management Service, the cloud protection solution to monitor all endpoints.
Configure another firewall in between the hybrid cloud and the main firewall that forwards files to the WildFire cloud, making sure that the firewall in
the middle is using port 443 for file submissions.

Mark for follow up

Question 6 of 20.
What are the three main benefits of WildFire®? (Choose three.)

By collecting and distributing malware signatures from every major antivirus vendor, it can provide comprehensive protection.
Signatures for identified malware quickly are distributed globally to all Palo Alto Networks customers' firewalls.
Because a Palo Alto Networks proprietary cloud-based architecture is used, quarantine holds on suspicious files typically are reduced to fewer than
30 seconds.
It gathers information from possible threats detected by next-generation firewalls, endpoints, and Aperture.
It uses a sandboxing environment that can detect malware by analyzing the behavior of unknown files.

Mark for follow up

Question 7 of 20.

True or false: Antivirus inspection is proxy-based.

True
False
Mark for follow up

Question 8 of 20.
True or false: One advantage of Single-Pass Parallel Processing (SP3) is that traffic can be scanned with minimum latency as it crosses the
firewall.

True
False
Mark for follow up

Question 9 of 20.
True or false: AutoFocus is an on-premise-based threat intelligence service that gives security operations teams direct access to all the threat
intelligence gathered from the Palo Alto Networks Unit 42 Threat Research team to correlate attack data and analysis.

True
False
Mark for follow up

Question 10 of 20.
Which statement is true about how WildFire® scans files for viruses, malware, and spyware?

The firewall must have a WildFire Analysis Profile rule attached to a Security policy rule that will scan files for viruses, malware, and spyware.
A WildFire Analysis Profile needs to be set to define which files to forward to the WildFire cloud to trigger inspection for zero-day malware.
The firewall must have policy rules in place before it can forward the questionable file to WildFire, where the file is analyzed for zero-day malware.
For WildFire to be most effective, you need to deploy a WF-500 appliance to get the full benefits of WildFire threat intelligence scanning.

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 2/5
11/27/2018 Realize Your Potential: paloaltonetworks

Mark for follow up

Question 11 of 20.

How does the Log Collector differ from the Logging Service?

The Log Collector is hardware-based, whereas the Logging Service is scalable on demand.
The Log Collector ensures redundancy by having multiple copies of your log database, whereas the Logging Service is regionalized based on your
location.
The Log Collector provides a centralized repository for your on-premise and virtual firewalls, whereas the Logging Service provides only data
isolation to avoid cross-contamination of logs.
The Log Collector has built-in log redundancy, whereas the Logging Service has no cloud compliance requirements.

Mark for follow up

Question 12 of 20.

How frequently are WildFire® updates about previously unknown files delivered from the cloud to customers with a WildFire subscription?

every 30 minutes
every 60 minutes
every day
every 5 minutes
every 15 minutes

Mark for follow up

Question 13 of 20.
True or false: PAN-DB is a service that aligns URLs with category types defined by Palo Alto Networks. Websites are classified through
various means, including data provided by the Threat Intelligence Cloud.

True
False
Mark for follow up

Question 14 of 20.
What is the main role of GlobalProtect?

look for malware on the endpoint

sandbox files on the Threat Intelligence Cloud
extend protections and policies to endpoints
categorize URLs

Mark for follow up

Question 15 of 20.
What are five benefits of Palo Alto Networks next-generation firewalls? (Choose five.)

feature-specific modular hardware

convenient configuration wizard
seamless integration with the WildFire® Threat Intelligence Cloud
comprehensive security platform designed to scale functionality over time
easy-to-use GUI that is the same on all models
identical security features on all models
predictable throughput

Mark for follow up

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 3/5
11/27/2018 Realize Your Potential: paloaltonetworks

Question 16 of 20.

What is the function of the Decryption Broker on the next-generation firewall?

decode applications and URL traffic coming through the firewall and assign priority to specific traffic patterns according to geographical location
provide content inspection of all known and unknown traffic sessions at the granular level
function as centralized communication between firewalls for decoding traffic content
consolidate all the information from scans for unknown malware, system status, and system health alerts of the firewall into one central broker
interface
eliminate the need for a third-party SSL decryption solution and reduce the number of third-party devices performing traffic analysis and enforcement

Mark for follow up

Question 17 of 20.

What are two features of the Traps Management Service? (Choose two.)

requires no server licenses or databases

Integrate with GlobalProtect into a single agent that manages both endpoint protection and mobile user connectivity
be deployed as a cloud-managed service solution
be deployed with your own hardware and infrastructure

Mark for follow up

Question 18 of 20.
Which product combines data from multiple sources, including third-party providers, correlates it to the Palo Alto Networks threat intelligence
database, and uses it to prevent attacks?

WildFire®
AutoFocus
Magnifier
Evident
Aperture
GlobalProtect

Mark for follow up

Question 19 of 20.
What are the three essential components of a Magnifier deployment? (Choose three.)

Aperture logs
Log Collector
Logging Service
MineMeld
Panorama
Pathfinder
AutoFocus Logs

Mark for follow up

Question 20 of 20.
True or false: Content-ID technology combines results from WildFire® analysis with administrator-defined policies to inspect and control
content traversing the firewall, using data-loss prevention techniques in a single, unified engine.

True
False
Mark for follow up

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 4/5
11/27/2018 Realize Your Potential: paloaltonetworks

Save / Return Later Summary

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 5/5