Paloalto Networks PSE-StrataDC today updated questions - Verified by Paloalto Networks Experts

Palo Alto Networks System Engineer Professional - Strata Data Center Questions and Answers

Question 1

How is traffic directed to a Palo Alto Networks firewall integrated with Cisco ACI?

Options:

by creating an access policy

through a policy-based redirect (PBR)

contracts between EPGs that send traffic to the firewall using a shared policy

through a virtual machine monitor (VMM) domain

Question 2

Which three steps are valid for deploying a VM-Series firewall on NSX? (Choose three )

Options:

create steering policies to redirect traffic to the VM-Series firewall

create a vDC and a vApp that includes the VM-Series firewall

obtain the AMI from market place

enable communication between Panorama and the NSX Manager

Question 3

How does Palo Alto Networks VM orchestration help service providers automatically provision security instances and policies on demand? (Choose two.)

Options:

Aperture Orchestration Engine (AOE)

Support for Dynamic Address Groups

Fully instrumented API

VM Orchestration Policy Editor

Question 4

Which task is required to create steering rules on NSX-V Manager?

Options:

Select Steering Rules > 3rd Party Firewalls > Palo Alto Networks and then populate the object with the required details

Configure the rule in Panorama and push it to NSX-V Manager.

Select Fabric > Access Policies > Quick Start and follow the prompts

Add a network introspective service and select Redirect to Service under Action.

Question 5

Which configuration is requiredto share NSX security groups as tags to be used by Dynamic Address Groups in a non-NSX firewall?

Options:

notify device groups within VMware Services Manager

a User-ID agent on a Windows domain server

VMware Information Sources

none, sharing happens by default

Question 6

A customer in a non-NSX VMware environment wantsto add a VM-Series firewall and to partition an existing group of VMs in the same subnet into two groups. One group needs no additional security, but the second group requires substantially more security.

How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?

Options:

Create a new virtual switch and use the VM-Series firewall to separate virtual switches using Virtual Wire mode Then move the guests that require more security into the new virtual switch

Edit the IP address of all of the affected VMs

Send the VLAN out of the virtual environment into a hardware Palo Alto Networks firewall in Layer 3 mode. Use the same IP address as the old default gateway, then delete the old default gateway

Create a Layer 3 interface in the same subnet as the VMs and configure proxy ARP

Question 7

Whichthree deployment modes of VM-Series firewalls are supported across NSX-T? (Choose three )

Options:

Partner Service

Boot Strap

Prism Central

Tier-1 insertion

Tier-0 insertion

Question 8

What is the major decision factor that customers use when selecting a managed container platform such as AS/EKS/GKE?

Options:

licensing costs

enhanced capabilities not available in vanilla K8s

no need to manage containers, just the application code.

reduced operational costs and management overhead

Question 9

Which VM-Series can be deployed on Amazon Web Services (AWS)?

Options:

Can deploy any VM-Series except the VM-50

Only VM-100, VM-200 and VM-300

Any VM-Series model

Any VM-Series model except the VM-700

Load More PSE-StrataDC Questions

Winter Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Paloalto Networks PSE-StrataDC Palo Alto Networks System Engineer Professional - Strata Data Center Exam Practice Test

Palo Alto Networks System Engineer Professional - Strata Data Center Questions and Answers

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer: