PSE-STRATADC Online Practice Questions and Answers
How is traffic directed to a Palo Alto Networks firewall integrated with Cisco ACI?
A. by creating an access policy
B. through a policy-based redirect (PBR)
C. contracts between EPGs that send traffic to the firewall using a shared policy
D. through a virtual machine monitor (VMM) domain
Which environment is least likely to be placed on a public cloud by a hospital that has a large health information management application?
A. production
B. development
C. testing
D. QA
Which three criteria are required to deploy VM-Series firewalls in High Availability? (Choose three)
A. deployed on same type of hypervisor
B. allocate identical CPU cores and network interfaces
C. assigned identical licenses and subscriptions
D. deployed on a different host
E. configured asymmetric routing
Which VM-Series can be deployed on Amazon Web Services (AWS)?
A. Can deploy any VM-Series except the VM-50
B. Only VM-100, VM-200 and VM-300
C. Any VM-Series model
D. Any VM-Series model except the VM-700
How does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies on demand? (Choose two)
A. Aperture Orchestration Engine (AOE)
B. Support for Dynamic Address Groups
C. Fully instrumented API
D. VM Orchestration Policy Editor
Which type of cloud service can be protected by an inline firewall controlled by the organization rather than by the cloud provider?
A. SaaS
B. laaS
C. PaaS
D. FaaS
A company allows employees some personal use of the internet during work time However the CEO is concerned that employees are using too much of the bandwidth for YouTube. thus causing a performance problem. Which section of the SLR could confirm or allay this concern?
A. Categories with the Most Applications
B. Categories Consuming the Most Bandwidth
C. Bandwidth Consumed by Applications
D. High-Risk Applications
Which two design options address split-brain when configuring HA? (Choose two)
A. Send heartbeats across the HA2 interfaces.
B. Bundle multiple interfaces in an Aggregated Interface Group and assign HA2.
C. Use the heartbeat backup.
D. Add a backup HA1 interface.
In a VMware deployment, in order for the customer to get maximum performance out of a VM-700 firewall in PAN-OS 8 x how many virtual CPU cores can be used?
A. 8
B. 3
C. 32
D. 16
When deploying VM series on NSX platform to support micro-segmentation, which statement is NOT correct?
A. VM-Series uses NetX API to receive and send packets
B. Traffic steering rules could be defined on Panorama and pushed to NSX Manager
C. VM-Series provide Multi-tenancy support with multiple zones
D. One panorama could support to connect with only one NSX manager
In the following scenario, Route-based firewall redundancy is deployed in a Data Center, which statement is true?
A. IP addresses of Firewall interfaces will move between devices when a firewall fails.
B. The 2 firewalls are in Active-Standby HA status.
C. Firewalls use dynamic routing protocols to determine the best path.
D. Floating IP addresses are necessary for HA configuration.
What is the default session distribution policy in the PA-7000 Series?
A. Hash
B. Egress-Slot
C. Round Robin
D. Ingress-Slot
Which interface mode do you use to generate the statdump file that can be converted into an SLR?
A. Virtual Wire
B. Layer 2
C. TAP
D. Layer 3
What are the benefits of NSX-V?
A. supports the Data Plane Development Kit (DPDK) libraries; enables Stackdnver Monitoring on the VMware Series Firewall, works with Cloud Launcher
B. virt-manager wizard to help with the installation process; virsh command to deploy the VM-Series; virtinstallcommand to install
C. sturdier centralized management; automated deployment ease in administering tenants and dedicated compute infrastructure; tighter integration between virtual environment and security enforcement of dynamic security
D. leverages Prism Central
A customer in a non-NSX VMware environment wantsto add a VM-Series firewall and to partition an existing group of VMs in the same subnet into two groups. One group needs no additional security, but the second group requires substantially more security.
How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?
A. Create a new virtual switch and use the VM-Series firewall to separate virtual switches using Virtual Wire mode Then move the guests that require more security into the new virtual switch.
B. Edit the IP address of all of the affected VMs.
C. Send the VLAN out of the virtual environment into a hardware Palo Alto Networks firewall in Layer 3 mode. Use the same IP address as the old default gateway, then delete the old default gateway.
D. Create a Layer 3 interface in the same subnet as the VMs and configure proxy ARP.
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
Copyright © 2004-2025 certbus.com, All Rights Reserved.