Weekend Special Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

Hot Vendors
  1. Home
  2. Paloalto Networks
  3. PSE-Prisma Cloud Professional
  4. PSE-PrismaCloud
  5. PSE Palo Alto Networks System Engineer Professional - Prisma Cloud Questions and Answers

PSE-PrismaCloud PSE Palo Alto Networks System Engineer Professional - Prisma Cloud Questions and Answers

Questions 4

Which two deployment methods are supported for Prisma Cloud Compute (PCC) container Defenders? (Choose two.)

Options:

A.

Azure SQL database instances

B.

Google Kubernetes Engine

C.

Oracle Functions service

D.

Kubernetes DaemonSet

Buy Now
Questions 5

Which statement reflects the default vulnerability management policy?

Options:

A.

Policy rule order has little impact on optimization.

B.

Prisma Cloud scans images in all containers immediately upon policy activation.

C.

The default vulnerability policy rule has an alert threshold to critical.

D.

Prisma Cloud ships all vulnerability policy with a default alert for containers, hosts, and serverless functions.

Buy Now
Questions 6

Which two statements are true about CloudFormation? (Choose two.)

Options:

A.

CloudFormation is a procedural configuration management tool.

B.

CloudFormation templates can be used on both Amazon Web Services and Microsoft Azure

C.

CloudFormation templates can be written in JSON or YAML

D.

CloudFormation is a declarative orchestration tool.

Buy Now
Questions 7

What are three examples of outbound traffic flow? (Choose three.)

Options:

A.

issue yum update command on an instance inside Amazon Web Services

B.

Microsoft Windows inside Azure requesting a security patch

C.

web server inside Amazon Web Services receiving web requests from internet

D.

issue apt-get install command on an instance inside Amazon Web Services

E.

outgoing Prisma Public Cloud API calls

Buy Now
Questions 8

Which option is true about VM-Series NGFW templates available from the Palo Alto Networks GitHub repository?

Options:

A.

Palo Alto Networks provides full support if a valid support license is in place.

B.

Support for the templates is available through Professional Services from Palo Alto Networks.

C.

Unless otherwise noted, these templates are released under an as-is. best effort support policy.

D.

The author of the template provides full support as long as the PAN-OS version specific to the template is supported.

Buy Now
Questions 9

Which RQL string returns a list of all Azure virtual machines that are not currently running?

Options:

A.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'

B.

config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"

C.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"

D.

config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"

Buy Now
Questions 10

Which two cloud providers provide egress load balancing? (Choose two.)

Options:

A.

Microsoft Azure

B.

Alibaba Cloud

C.

Amazon Web Services

D.

Oracle Cloud

Buy Now
Questions 11

Which three features are not supported by VM-Series NGFWs on Azure Stack? (Choose three.)

Options:

A.

Azure Application Insight

B.

Resource Group

C.

Azure Security Center

D.

Bootstrapping

E.

ARM Template

Buy Now
Questions 12

What does Prisma Cloud execute to change public cloud infrastructure when autoremediation is enabled?

Options:

A.

local scripts to public cloud APIs

B.

remote function calls to host agents

C.

third-party integration tools

D.

public cloud CLI commands

Buy Now
Questions 13

Which pillar of the Prisma Cloud platform allows cloud entitlements to be quickly audited and secured?

Options:

A.

Cloud Security Posture Management

B.

Cloud Identity Security

C.

Cloud Network Security

D.

Cloud Code Security

Buy Now
Questions 14

What configuration on AWS is required in order for VM-Series to forward traffic between its network interfaces?

Options:

A.

Both Source and Destination Checks are disabled

B.

Both Source and Destination Checks are enabled

C.

Source Check is disabled and Destination Check is enabled

D.

Source Check is enabled and Destination Check is disabled

Buy Now
Questions 15

How can you modify a range of dates default policy in Prisma Public Cloud?

Options:

A.

Override the value and commit the configuration.

B.

Clone the existing policy and change the value.

C.

Manually create the RQL statement.

D.

Click the Gear icon next to the policy name to open the Edit Policy dialog

Buy Now
Questions 16

Amazon Web Services WAF can be enabled on which two resources?(Choose two.)

Options:

A.

AWS CDN

B.

AWS NAT Gateway

C.

AWS ALB

D.

AWS NLB

Buy Now
Questions 17

Which Resource Query Language (RQL) query returns a list of all Azure SQL Databases that have transparent data encryption turned in?

Options:

A.

config from cloud.resource where api.name = 'gcloud-compute-instances-list' and json.rule = is TERMINATED

B.

config from cloud.resource where api.name = 'gcloud-compute-instances-list' = TERMINATED

C.

config from cloud.resource where api.name = 'gcloud-compute-instances-list* and json.rule == status TERMINATED

D.

config from cloud.resource where api.name = 'gcloud-compute-instances-list' and json.rule = status contains TERMINATED

Buy Now
Questions 18

What occurs with the command twistcli when scanning images?

Options:

A.

If options are listed after the image name; they will be ignored.

B.

If option "--user" is used, it is mandatory to use option "--password.

C.

If option "--address" is unspecified, all images are scanned.

D.

Option "--output-file" cannot be used in conjunction with option "--details."

Buy Now
Questions 19

Which statement explains the correlation between the block and alert thresholds in a vulnerability management policy?

Options:

A.

The thresholds can be set to informational, low, medium, high, and critical.

B.

The alert threshold always has precedence over, and can be greater than, the block threshold.

C.

The block threshold must always be equal to or greater than the alert threshold.

D.

The block threshold always has precedence over, and can be less than, the alert threshold.

Buy Now
Questions 20

Which Resource Query Language (RQL) query searches for all Relational Database Service (RDS) instances that have a public IP address?

Options:

A.

config from cloud.resource where api.name = 'aws-rds-describe-db-instances' AND json.rule = storageEncrypted is false

B.

event from cloud.audit_logs where api.name = 'aws-rds-describe-db-instances' AND json.rule = publiclyAccessible is true

C.

config from cloud.resource where api.name = 'aws-rds-describe-db-instances' AND json.rule = publiclyAccessible is true

D.

config from cloud.resource where api.name = 'aws-ec2-describe-instances' AND json.rule = publiclyAccessible is true

Buy Now
Questions 21

Which two cloud providers support Load Balancers as next hop configurations for outbound connections? (Choose two.)

Options:

A.

Google Cloud Platform

B.

Microsoft Azure

C.

Oracle Cloud

D.

Amazon Web Services

Buy Now
Questions 22

Where can rules be configured and viewed to configure trusted images?

Options:

A.

Monitor > Compliance > Trusted Images

B.

Monitor > Compliance > Images

C.

Defend > Compliance > Trusted Images

D.

Defend > Compliance > Images

Buy Now
Questions 23

An Azure VNet has the IP network 10.0.0.0/16 with two subnets, 10.0.1.0/24 (used for web servers) and 10.0.2.0/24 (used for database servers). Which is a valid IP address to manage the VM-Series NGFW?

Options:

A.

10.0.1.254

B.

10.0.2.1

C.

10.0.3.255

D.

10.0.3.1

Buy Now
Questions 24

What are two business values of Cloud Code Security? (Choose two.)

Options:

A.

consistent controls from build time to runtime

B.

prebuilt and customizable polices to detect data such as personally identifiable information (PII) in publicly exposed objects

C.

support for multiple languages, runtimes and frameworks

D.

continuous monitoring of all could resources for vulnerabilities, misconfigurations, and other threats

Buy Now
Questions 25

Which type of Resource Query Language (RQL) query is used to create a custom policy that looks for untagged resources?

Options:

A.

config

B.

alert

C.

event

D.

data

Buy Now
Questions 26

A customer has just launched a Palo Alto Networks VM-Series NGFW into an Amazon Web Services VPC to protect a cloud hosted application. They are experiencing unpredictable results and have identified that the interfaces on the firewall are in the incorrect order

Which PAN-OS CLI command resolves this issue?

Options:

A.

set system setting mgmt-interface-swap enable yes

B.

set mgmt-interface settings swap yes

C.

set mgmt-interface swap yes

D.

set system setting mgmt-interface swap yes

Buy Now
Questions 27

What is the Palo Alto Networks default Prisma Cloud setting for Alert Disposition to reduce the number of false positives?

Options:

A.

Conservative

B.

Moderate

C.

High

D.

Aggressive

Buy Now
Questions 28

Which regulatory framework in Prisma Cloud measures compliance with European Union (EU) data privacy regulations in Amazon Web services (AWS) workloads?

Options:

A.

General Data Protection Regulation (GDPR)

B.

International Organization for Standardization (ISO) 27001

C.

Payment Card Industry (PCI) Data Security Standard (DSS) 3.0

D.

EU Data Protection Directive 95/46/EC

Buy Now
Questions 29

What are two examples of Amazon Web Services logging services? (Choose two.)

Options:

A.

CloudLog

B.

CloudEvent

C.

CloudWatch

D.

CIoudTrail

Buy Now
Questions 30

Which pattern syntax will add all images to a trusted images rule within a registry?

Options:

A.

*.acme.com

B.

acme/*

C.

acme.com/myrepo/allimages:/*

D.

registry.acme.com/*

Buy Now
Questions 31

What happens in Prisma Cloud after Training Model Threshold or Alert Disposition is changed?

Options:

A.

Changes will take effect after a new learning phase of 30 days.

B.

System will perform a reboot, deleting all past alerts.

C.

Existing alerts and new alerts are regenerated based on the new setting.

D.

New alerts are generated based on the new setting.

Buy Now
Questions 32

In which two ways can Prisma Cloud Compute (PCC) edition be installed? (Choose two.)

Options:

A.

self-managed in a customer's own container platform

B.

self-contained hardware appliance

C.

as a stand-alone Windows application

D.

Cloud-hosted as part of a Prisma Cloud Enterprise tenant from Palo Alto Networks

Buy Now
Questions 33

Which statement is specific for Prisma Cloud when integrating into cloud environments?

Options:

A.

An AutoFocus license is included in Prisma Cloud.

B.

For multi-cloud environment licenses are required for the number of Prisma Cloud instances.

C.

Can be natively integrated into Prisma Access.

D.

No agents or proxies are required.

Buy Now
Questions 34

Which change represents a VM-Series NGFW license transfer?

Options:

A.

VM-100 BYOL on Microsoft Azure to VM-100 BYOL on Amazon Web Services

B.

VM-300 BYOL on Microsoft Azure to VM-300 PAY6 on Amazon Web Services

C.

VM-100 BYOL on Microsoft Azure to VM-300 BYOL on Microsoft Azure

D.

VM-100 BYOL on Microsoft Azure to VM-300 PAYG on Amazon Web Services

Buy Now
Exam Code: PSE-PrismaCloud
Exam Name: PSE Palo Alto Networks System Engineer Professional - Prisma Cloud
Last Update: Feb 16, 2025
Questions: 115

PDF + Testing Engine

$49.5  $164.99
buy now PSE-PrismaCloud pdf + testing engine

Testing Engine

$37.5  $124.99
buy now PSE-PrismaCloud testing engine

PDF (Q&A)

$31.5  $104.99
buy now PSE-PrismaCloud pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 22 Feb 2025