Palo Alto Networks PSE-SASE Palo Alto Networks Systems Engineer (PSE): SASE Associate Exam Exam Practice Test Questions

• Question 1

  In which step of the Five-Step Methodology for implementing the Zero Trust model is the Kipling Method relevant?

  • Step 3: Architect a Zero Trust network
  • Step 5: Monitor and maintain the network
  • Step 4: Create the Zero Trust policy
  • Step 2: Map the transaction flows

  Show Answer Answer: C Next

• Question 2

  What is a disadvantage of proxy secure access service edge (SASE) when compared to an inline SASE solution?

  • Proxies force policy actions to be treated as business decisions instead of compromises due to technical limitations.
  • Teams added additional tools to web proxies that promised to solve point problems, resulting in a fragmented and ineffective security architecture.
  • Proxy solutions require an unprecedented level of interconnectivity.
  • Exclusive use of web proxies leads to significant blind spots in traffic and an inability to identify applications and threats on non-standard ports or across multiple protocols.

  Show Answer Answer: D Next

• Question 3

  What is a benefit of a cloud-based secure access service edge (SASE) infrastructure over a Zero Trust Network Access (ZTNA) product based on a software-defined perimeter (SDP) model?

  • Users, devices, and apps are identified no matter where they connect from.
  • Connection to physical SD-WAN hubs in ther locations provides increased interconnectivity between branch offices.
  • Complexity of connecting to a gateway is increased, providing additional protection.
  • Virtual private network (VPN) services are used for remote access to the internal data center, but not the cloud.

  Show Answer Answer: A Next

• Question 4

  Which product allows advanced Layer 7 inspection, access control, threat detection and prevention?

  • Infrastructure as a Service (IaaS)
  • Remote browser isolation
  • Network sandbox
  • Firewall as a Service (FWaaS)

  Show Answer Answer: D Next

• Question 5

  Which two actions take place after Prisma SD-WAN Instant-On Network (ION) devices have been deployed at a site? (Choose two.)

  • The devices continually sync the information from directories, whether they are on-premise, cloud-based, or hybrid.
  • The devices establish VPNs over private WAN circuits that share a common service provider.
  • The devices automatically establish a VPN to the data centers over every internet circuit.
  • The devices provide an abstraction layer between the Prisma SD-WAN controller and a particular cloud service.

  Show Answer Answer: A, D Next