[Q26-Q45] Get 100% Passing Success With True PSE-PrismaCloud Exam! [Oct-2021]

Get 100% Passing Success With True PSE-PrismaCloud Exam! [Oct-2021]

Palo Alto Networks PSE-PrismaCloud PDF Questions - Exceptional Practice To PSE Palo Alto Networks System Engineer Professional - Prisma Cloud

NEW QUESTION 26
Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?

A. Support for the templates is available through Professional Services from Palo Alto Networks.
B. Palo Alto Networks provides full support if a valid support license is in place.
C. Unless otherwise noted, these templates are released under an as-is. best effort support policy.
D. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.

Answer: D

NEW QUESTION 27
Which cloud provider supports iLB-as-next-hop?

A. Oracle Cloud
B. Alibaba Cloud
C. Amazon Web Services
D. Microsoft Azure

Answer: D

NEW QUESTION 28
Which three services can Google Cloud Security Scanner assess? (Choose three.)

A. Compute Engine
B. App Engine
C. Google Kubernetes Engine
D. BigQuery
E. Google Virtual Private Cloud

Answer: A,B,C

NEW QUESTION 29
How does a customer that has deployed a VM-Series NGFW on Microsoft Azure using a BYOL license change to a PAYG license structure?

A. go to Palo Alto Networks Support website to change the BYOL license to a PAYG license
B. launch a new VM using the PAYG image
C. purchase a new PAYG license from a reseller
D. purchase a new PAYG license for Microsoft Azure from Palo Alto Networks

Answer: B

NEW QUESTION 30
What are three examples of outbound traffic flow? (Choose three.)

A. Microsoft Windows inside Azure requesting a security patch
B. issue apt-get install command on an instance inside Amazon Web Services
C. outgoing Prisma Public Cloud API calls
D. web server inside Amazon Web Services receiving web requests from internet
E. issue yum update command on an instance inside Amazon Web Services

Answer: A,B,C

NEW QUESTION 31
Which regulatory framework in Prisma Public Cloud measures compliance with EU data privacy regulations in Amazon Web Services workloads?

A. ISO 27001
B. EU Data Protection Directive 95/46/EC
C. GDPR
D. Payment Card Industry 3.0

Answer: C

NEW QUESTION 32
How does a customer that has deployed a VM-Series NGFW on Microsoft Azure using a BYOL license change to a PAYG license structure?

A. purchase a new PAYG license from a reseller
B. go to Palo Alto Networks Support website to change the BYOL license to a PAYG license
C. purchase a new PAYG license for Microsoft Azure from Palo Alto Networks
D. launch a new VM using the PAYG image

Answer: B

NEW QUESTION 33
A client has a sensitive internet-facing application server in Microsoft Azure and is concerned about resource exhaustion because of distributed denial-of-service attacks What can be configured on the VM-Series firewall to specifically protect this server against this type of attack?

A. QoS Profile to limit incoming requests
B. DoS Protection Profile with specific session counts
C. Zone Protection Profile
D. Custom threat signature

Answer: B

NEW QUESTION 34
Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance?
(Choose two.)

A. CPU ID
B. UUID
C. new Auth Code
D. API Key

Answer: A,B

Explanation:
Explanation
In a public cloud deployment, if your firewall is licensed with the BYOL option, you must Deactivate VM before you change the instance type or VM type and apply the license again on the firewall after you complete the model or instance upgrade. When you change the instance type, because the firewall has a new UUID and CPU ID, the existing license will no longer be valid.
https://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/about-the-vm-series-firewall/upgrade-th

NEW QUESTION 35
Amazon Web Services WAF can be enabled on which two resources?(Choose two.)

A. AWS CDN
B. AWS NLB
C. AWS NAT Gateway
D. AWS ALB

Answer: A,D

NEW QUESTION 36
Palo Alto Networks recommends which two options for outbound HA design in Amazon Web Services using VM-Series NGFW? (Choose two.)

A. transit VPC and security VPC with VM-Series
B. iLB-as-next-hop
C. transit gateway and security VPC with VM-Series
D. traditional active/standby HA on VM-Series

Answer: C,D

NEW QUESTION 37
The customer has an Amazon Web Services Elastic Computing Cloud that provides a service to the internet directly and needs to secure that cloud with a VM-Series NGFW.
Which component handles address translation?

A. The server VMs and the VM-Series NGFW have private use only (RFC 1918) IPs. Amazons cloud infrastructure translates those addresses to publicly accessible IP addresses
B. The server VMs have private use only (RFC 1918) IPs. Amazon's cloud infrastructure translates those addresses to publicly accessible IP addresses. The VM-Series NGFW has publicly accessible IP addresses.
C. The server VMs have private use only (RFC 1918) IPs. The VM-Series NGFW translates those addresses to publicly accessible IP addresses.
D. The servers and VM-Series NGFW have publicly accessible IP addresses for management purposes.

Answer: C

NEW QUESTION 38
Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?

A. The author of the template provides full support as long as the PAN-OS version specific to the template is supported.
B. Unless otherwise noted, these templates are released under an as-is. best effort support policy.
C. Support for the templates is available through Professional Services from Palo Alto Networks.
D. Palo Alto Networks provides full support if a valid support license is in place.

Answer: B

NEW QUESTION 39
A customer has deployed a VM-Series NGFW on Amazon Web Services using a PAYG license. What is the sequence required by the customer to switch to a BYOL license?

Answer:

Explanation:

NEW QUESTION 40
Which cloud provider supports iLB-as-next-hop?

A. Oracle Cloud
B. Alibaba Cloud
C. Amazon Web Services
D. Microsoft Azure

Answer: C

NEW QUESTION 41
can you create a custom compliance standard in Prisma Public Cloud?

A. Generate a new Compliance Report.
B. From Compliance tab > Compliance Standards, click "Add New."
C. From Compliance tab, clone a default framework and customize.
D. Create compliance framework in a spreadsheet then import into Prisma Public Cloud.

Answer: B

Explanation:
Explanation
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-compliance/create-a-c

NEW QUESTION 42
Based on the diagram, prioritize the order in which the Virtual Gateway evaluates the best route based on the deterministic B6P Path selection process.