Palo Alto Networks PSE-Prisma-Pro-24 PDF Questions

1. Paloalto Networks PSE-Prisma-Pro-24 Exam Palo Alto Networks System Engineer - Prisma Cloud Professional https://www.passquestion.com/pse-prisma-pro-24.html 35% OFF on All, Including PSE-Prisma-Pro-24 Questions and Answers Pass Paloalto Networks PSE-Prisma-Pro-24 Exam with PassQuestion PSE-Prisma-Pro-24 questions and answers in the first attempt. https://www.passquestion.com/ 1 / 4

2. 1.How can all alerts related to "Amazon RDS" be quickly identified within the Prisma Cloud dashboard? A. Generate a Center for Internet Security (CIS) compliance report and search for "Amazon RDS" policy violations. B. View the alert data on the "Asset Inventory" dashboard and filter on "Amazon RDS. C. Within the "Alerts" tab. filter on "Amazon RDS" as a service. D. Create a custom Resource Query Language (RQL) configuration report. Answer: C 2.Which two actions are appropriate when configuring Prisma Cloud to scan a registry? (Choose two.) A. Allow Prisma Cloud to automatically optimize registry scans with version pattern matching. B. Allow Prisma Cloud to automatically distribute the scan job across a pool of available Defenders. C. Explicitly specify the Defender to do the job. D. Explicitly specify the predefined version pattern-matching algorithm. Answer: A B 3.Which regulatory framework in Prisma Cloud measures compliance with European Union (EU) data privacy regulations in Amazon Web services (AWS) workloads? A. General Data Protection Regulation (GDPR) B. International Organization for Standardization (ISO) 27001 C. Payment Card Industry (PCI) Data Security Standard (DSS) 3.0 D. EU Data Protection Directive 95/46/EC Answer: A 4.What resource is required to receive inbound traffic from the internet to VM-Series NGFW deployed as a gateway for Azure Stack workloads? A. Public IP for the VM-Series NGFW B. NAT appliance C. Azure Stack Edge Router D. Border Customer Network Answer: B 5.Which RQL string searches for all EBS volumes that do not have a "DataClassification" tag? A. config where api.name = 'aws-ec2-describe-volumes, AND json.rule = tags[*]key contains DataClassification B. config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*]key != DataClassification C. config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*].key exists D. config where api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key = 1 Answer: B 6.What are the two options to dynamically register tags used by Dynamic Address Groups that are referenced in policy? (Choose two.) A. VM Monitoring B. External Dynamic List C. CFT Template 2 / 4

3. D. XML API Answer: A D Explanation: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/policy/monitor-changes-in-the-virtual-enviro nment/use-dynamic-address-groups-in-policy 7.An Azure VNet has the IP network 10.0.0.0/16 with two subnets, 10.0.1.0/24 (used for web servers) and 10.0.2.0/24 (used for database servers). Which is a valid IP address to manage the VM-Series NGFW? A. 10.0.1.254 B. 10.0.2.1 C. 10.0.3.255 D. 10.0.3.1 Answer: D 8.Which Google Cloud Platform project shares its VPC networks with other projects? A. Service project B. Host project C. Admin project D. Subscribing project Answer: B Explanation: Create a shared VPC using the Trust VPC created when you deployed the firewall template. Set up a shared VPC for the host (firewall) project: gcloud compute shared-vpc enable HOST_PROJECT_ID https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on- google-cloud-platform/autoscaling-on-google-cloud-platform/deploy-autoscaling-on-google-cloud.html 9.Which change represents a VM-Series NGFW license transfer? A. VM-100 BYOL on Microsoft Azure to VM-100 BYOL on Amazon Web Services B. VM-300 BYOL on Microsoft Azure to VM-300 PAY6 on Amazon Web Services C. VM-100 BYOL on Microsoft Azure to VM-300 BYOL on Microsoft Azure D. VM-100 BYOL on Microsoft Azure to VM-300 PAYG on Amazon Web Services Answer: C 10.Which two cloud-native providers are supported by Prisma Cloud? (Choose two.) A. DigitalOcean B. Azure C. IBM Cloud D. Oracle Cloud Answer: B D 11.Which Resource Query Language (RQL) query searches for all Relational Database Service (RDS) instances that have a public IP address? 3 / 4

4. A. config from cloud.resource where api.name = 'aws-rds-describe-db-instances' AND json.rule = storageEncrypted is false B. event from cloud.audit_logs where api.name = 'aws-rds-describe-db-instances' AND json.rule = publiclyAccessible is true C. config from cloud.resource where api.name = 'aws-rds-describe-db-instances' AND json.rule = publiclyAccessible is true D. config from cloud.resource where api.name = 'aws-ec2-describe-instances' AND json.rule = publiclyAccessible is true Answer: C 12.Which two data sources are ingested by Prisma Cloud? (Choose two.) A. network flow logs B. list of all database instances' tables C. metadata about compute resources' configuration D. Cortex Data Lake Answer: A C 13.How can you use Prisma Public Cloud to identify Amazon EC2 instances that have been tagged as "Private? A. Create an RQL config query to identify resources with the tag "Private." B. Create an RQL network query to identify traffic from resources tagged "Private." C. Open the Asset Dashboard, filter on tags: and choose "Private." D. Generate a CIS compliance report and review the "Asset Summary." Answer: B 14.Which two templates are supported by Cloud Code Security scan service? (Choose two.) A. Azure Resource Manager (ARM) B. Hyper Text Markup Language (HTML) C. GitHub D. Terraform Answer: A D 15.What are two examples of Amazon Web Services logging services? (Choose two.) A. CloudLog B. CloudEvent C. CloudWatch D. CIoudTrail Answer: C D 4 / 4