Paloalto Networks PSE StrataDC Palo Alto Networks System Engineer Professional – Strata Data Center Online Training
Paloalto Networks PSE StrataDC Online Training
The questions for PSE StrataDC were last updated at Jan 12,2025.
- Exam Code: PSE StrataDC
- Exam Name: Palo Alto Networks System Engineer Professional - Strata Data Center
- Certification Provider: Paloalto Networks
- Latest update: Jan 12,2025
What are two types of security that can be implemented across every phase of the Build, Ship, and Run lifecycle of a workload? (Choose two)
- A . Runtime Security
- B . Firewalling
- C . Vulnerability Management
- D . Compliance or Configuration Management
Whichconfiguration is required in NSX for Panorama to use the tags from security groups in dynamic address groups?
- A . Create security groups only.
- B . Create security groups and mark them as exchangeable.
- C . Create security groups with tags marked as shareable.
- D . Create security groups and use them in an NSX-to-Palo Alto Networks redirection policy.
Which configuration is requiredto share NSX security groups as tags to be used by
Dynamic Address Groups in a non-NSX firewall?
- A . notify device groups within VMware Services Manager
- B . a User-ID agent on a Windows domain server
- C . VMware Information Sources
- D . none, sharing happens by default
Which environment is least likely to be placed on a public cloud by a hospital that has a large health information management application?
- A . production
- B . development
- C . testing
- D . QA
A customer in a non-NSX VMware environment wants to add a VM-Series firewall and to partition an existing group of VMs in the same subnet into two groups. One group needs no additional security, but the second group requires substantially more security.
How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?
- A . Create a new virtual switch and use the VM-Series firewall to separate virtual switches using Virtual Wire mode Then move the guests that require more security into the new virtual switch
- B . Edit the IP address of all of the affected VMs
- C . Send the VLAN out of the virtual environment into a hardware Palo Alto Networks firewall in Layer 3 mode. Use the same IP address as the old default gateway, then delete the old default gateway
- D . Create a Layer 3 interface in the same subnet as the VMs and configure proxy ARP
A network administrator is working on a VMware NSX installation with VM-1000-HV firewalls The administrator has created a security group that is populated with VMs The administrator is trying to create a Dynamic Address Group in Panorama, but the security group is not showing.
Which task should the administrator perform first?
- A . Go into vCenter/NSX and push the objects to Panorama
- B . Delete and re-add the security group.
- C . Go into Panorama and synchronize the Address objects with NSX
- D . Check the NSX Security policy to ensure the security group has been used in a policy.
In which two ways can micro-segmentation save money for the enterprise? (Choose two.)
- A . fewer capital expenses because fewer physical servers need to be bought
- B . fewer operating expenses because a smaller data center is operated
- C . fewer operating expenses because less public cloud capacity needs to be rented
- D . fewer capital expenses because the same number of physical servers can be kept in a smaller space
For which two reasons would an administrator have to install NGFW automatically in a cloud environment? {Choose two)
- A . reduce capital expenses
- B . performance, to be able to install a new firewall when the demand exceeds the ability of the existing environments to service
- C . integrity, to ensure that data is not changed illicitly
- D . resiliency and availability, to be able to install a new firewall as part of a new environment if an existing environment fails
- E . security, to automatically install a firewall when a security threat is detected
A customer wants to completely segment their internal networks They have Cisco switches and extensively use 10Gbps interfaces. They are running VMware ESXi and are considering implementing NSX .
Which three Palo Alto Networks firewall models will support this deployment? (Choose three.)
- A . PA-3050
- B . VM-100
- C . VM-300
- D . PA-3250
- E . PA-7050
Which option describes Arista’s micro-segmentation?
- A . Arista and VMware are extending secure segmentation with an open API (RESTZJSON)-based exchange, which allows NSX to federate with CloudVision to extend the micro-segmentation policy for physical workloads.
- B . Arista and Kubernetes are extending secure segmentation with an open API (RESTVJSON)-based exchange, which allows Kubernetes to federate with CloudVision to extend the micro-segmentation policy for physical workloads.
- C . Arista’s micro-segmentation and macro-segmentation are identical concepts that can be used interchangeably
- D . Arista and VMware both perform identical functions for NGFW micro-segmentation
Latest PSE StrataDC Dumps Valid Version with 60 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
