Question No. 1

Which configuration needs to be done to perform user entity behavior analysis with Prisma Public Cloud?

ACreate alert rules.

BWhitelist IP addresses.

CConfigure User-ID.

DDefine enterprise settings.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-policies.html

Show Answer

Correct Answer: D

Question No. 2

Which two cloud providers support Load Balancers as next hop configurations for outbound connections? (Choose two.)

AGoogle Cloud Platform

BMicrosoft Azure

COracle Cloud

DAmazon Web Services

Show Answer

Correct Answer: A, B

Question No. 3

Which RQL string returns a list of all Azure virtual machines that are not currently running?

Aconfig where api.name = 'azure-vm-list' AND json.rule = powerState = 'off'

Bconfig where api.name = 'azure-vm-list' AND json.rule = powerState does not contain 'running'

Cconfig where api.name = 'azure-vm-list' AND json.rule = powerState = 'running'

Dconfig where api.name = 'azure-vm-list' AND json.rule = powerState contains 'running'

Show Answer

Correct Answer: B

Question No. 4

Palo Alto Networks recommends which two options for outbound HA design in Amazon Web Services using VM-Series NGFW? (Choose two.)

AiLB-as-next-hop

Btransit gateway and security VPC with VM-Series

Ctraditional active/standby HA on VM-Series

Dtransit VPC and security VPC with VM-Series

Show Answer

Correct Answer: B, C

Question No. 5

Which three anomaly policies are predefined in Prisma Public Cloud? (Choose three.)

AExcessive login failures

BUnusual user activity

CDenial-of-service activity

DAccount hijacking attempts

ESuspicious file activity
Account hijacking attempts
---Detect potential account hijacking attempts discovered by identifying unusual login activities. These can happen if there are concurrent login attempts made in short duration from two different geographic locations, which is
impossible time travel
, or login from a previously unknown browser, operating system, or location.
Excessive login failures
---Detect potential account hijacking attempts discovered by identifying brute force login attempts. Excessive login failure attempts are evaluated dynamically based on the models observed with continuous learning.
Unusual user activity
---Discover insider threat and an account compromise using advanced data science. The Prisma Cloud machine learning algorithm profiles a user's activities on the console, as well as the usage of access keys based on the location and the type of cloud resources.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-policies.html

Show Answer

Correct Answer: A, B, D

Free Palo Alto Networks PSE-PrismaCloud Exam Actual Questions

The questions for PSE-PrismaCloud were last updated On Apr 24, 2024