Certbus > Palo Alto Networks > Palo Alto Networks Certifications > PSE-STRATADC > PSE-STRATADC Online Practice Questions and Answers

PSE-STRATADC Online Practice Questions and Answers

Questions 4

How is traffic directed to a Palo Alto Networks firewall integrated with Cisco ACI?

A. by creating an access policy

B. through a policy-based redirect (PBR)

C. contracts between EPGs that send traffic to the firewall using a shared policy

D. through a virtual machine monitor (VMM) domain

Browse 60 Q&As
Questions 5

Which environment is least likely to be placed on a public cloud by a hospital that has a large health information management application?

A. production

B. development

C. testing

D. QA

Browse 60 Q&As
Questions 6

Which three criteria are required to deploy VM-Series firewalls in High Availability? (Choose three)

A. deployed on same type of hypervisor

B. allocate identical CPU cores and network interfaces

C. assigned identical licenses and subscriptions

D. deployed on a different host

E. configured asymmetric routing

Browse 60 Q&As
Questions 7

Which VM-Series can be deployed on Amazon Web Services (AWS)?

A. Can deploy any VM-Series except the VM-50

B. Only VM-100, VM-200 and VM-300

C. Any VM-Series model

D. Any VM-Series model except the VM-700

Browse 60 Q&As
Questions 8

How does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies on demand? (Choose two)

A. Aperture Orchestration Engine (AOE)

B. Support for Dynamic Address Groups

C. Fully instrumented API

D. VM Orchestration Policy Editor

Browse 60 Q&As
Questions 9

Which type of cloud service can be protected by an inline firewall controlled by the organization rather than by the cloud provider?

A. SaaS

B. laaS

C. PaaS

D. FaaS

Browse 60 Q&As
Questions 10

A company allows employees some personal use of the internet during work time However the CEO is concerned that employees are using too much of the bandwidth for YouTube. thus causing a performance problem. Which section of the SLR could confirm or allay this concern?

A. Categories with the Most Applications

B. Categories Consuming the Most Bandwidth

C. Bandwidth Consumed by Applications

D. High-Risk Applications

Browse 60 Q&As
Questions 11

Which two design options address split-brain when configuring HA? (Choose two)

A. Send heartbeats across the HA2 interfaces.

B. Bundle multiple interfaces in an Aggregated Interface Group and assign HA2.

C. Use the heartbeat backup.

D. Add a backup HA1 interface.

Browse 60 Q&As
Questions 12

In a VMware deployment, in order for the customer to get maximum performance out of a VM-700 firewall in PAN-OS 8 x how many virtual CPU cores can be used?

A. 8

B. 3

C. 32

D. 16

Browse 60 Q&As
Questions 13

When deploying VM series on NSX platform to support micro-segmentation, which statement is NOT correct?

A. VM-Series uses NetX API to receive and send packets

B. Traffic steering rules could be defined on Panorama and pushed to NSX Manager

C. VM-Series provide Multi-tenancy support with multiple zones

D. One panorama could support to connect with only one NSX manager

Browse 60 Q&As
Questions 14

In the following scenario, Route-based firewall redundancy is deployed in a Data Center, which statement is true?

A. IP addresses of Firewall interfaces will move between devices when a firewall fails.

B. The 2 firewalls are in Active-Standby HA status.

C. Firewalls use dynamic routing protocols to determine the best path.

D. Floating IP addresses are necessary for HA configuration.

Browse 60 Q&As
Questions 15

What is the default session distribution policy in the PA-7000 Series?

A. Hash

B. Egress-Slot

C. Round Robin

D. Ingress-Slot

Browse 60 Q&As
Questions 16

Which interface mode do you use to generate the statdump file that can be converted into an SLR?

A. Virtual Wire

B. Layer 2

C. TAP

D. Layer 3

Browse 60 Q&As
Questions 17

What are the benefits of NSX-V?

A. supports the Data Plane Development Kit (DPDK) libraries; enables Stackdnver Monitoring on the VMware Series Firewall, works with Cloud Launcher

B. virt-manager wizard to help with the installation process; virsh command to deploy the VM-Series; virtinstallcommand to install

C. sturdier centralized management; automated deployment ease in administering tenants and dedicated compute infrastructure; tighter integration between virtual environment and security enforcement of dynamic security

D. leverages Prism Central

Browse 60 Q&As
Questions 18

A customer in a non-NSX VMware environment wantsto add a VM-Series firewall and to partition an existing group of VMs in the same subnet into two groups. One group needs no additional security, but the second group requires substantially more security.

How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?

A. Create a new virtual switch and use the VM-Series firewall to separate virtual switches using Virtual Wire mode Then move the guests that require more security into the new virtual switch.

B. Edit the IP address of all of the affected VMs.

C. Send the VLAN out of the virtual environment into a hardware Palo Alto Networks firewall in Layer 3 mode. Use the same IP address as the old default gateway, then delete the old default gateway.

D. Create a Layer 3 interface in the same subnet as the VMs and configure proxy ARP.

Browse 60 Q&As
Exam Code: PSE-STRATADC
Exam Name: Palo Alto Networks System Engineer Professional - Strata Data Center
Last Update: Mar 15, 2025
Questions: 60 Q&As

PDF

$49.99

VCE

$55.99

PDF + VCE

$65.99