Palo Alto Networks PSE-Strata-Pro-24 Exam - Topic 2 Question 2 Discussion

Actual exam question for Palo Alto Networks's PSE-Strata-Pro-24 exam

Question #: 2
Topic #: 2

What are the first two steps a customer should perform as they begin to understand and adopt Zero Trust principles? (Choose two)

AUnderstand which users, devices, infrastructure, applications, data, and services are part of the network or have access to it.

BEnable relevant Cloud-Delivered Security Services (CDSS) subscriptions to automatically protect the customer's environment from both internal and external threats.

CMap the transactions between users, applications, and data, then verify and inspect those transactions.

DImplement VM-Series NGFWs in the customer's public and private clouds to protect east-west traffic.

Show Suggested Answer

Suggested Answer: A, C

Zero Trust principles revolve around minimizing trust in the network and verifying every interaction. To adopt Zero Trust, customers should start by gaining visibility and understanding the network and its transactions.

A . Understand which users, devices, infrastructure, applications, data, and services are part of the network or have access to it.

The first step in adopting Zero Trust is understanding the full scope of the network. Identifying users, devices, applications, and data is critical for building a comprehensive security strategy.

C . Map the transactions between users, applications, and data, then verify and inspect those transactions.

After identifying all assets, the next step is to map interactions and enforce verification and inspection of these transactions to ensure security.

Why Other Options Are Incorrect

B: Enabling CDSS subscriptions is important for protection but comes after foundational Zero Trust principles are established.

D: Implementing VM-Series NGFWs is part of enforcing Zero Trust, but it is not the first step. Visibility and understanding come first.

Palo Alto Networks Zero Trust Overview

by Tamra at Jan 28, 2025, 02:08 PM

Limited Time Offer

25%

Off

Get Premium PSE-Strata-Pro-24 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Tambra

3 months ago

Isn't implementing NGFWs a bit advanced for starters?

upvoted 0 times

...

Tresa

3 months ago

Agree with A and C, those are the basics!

upvoted 0 times

...

Leslee

3 months ago

Wait, are we sure CDSS is a must-have right away?

upvoted 0 times

...

Laticia

4 months ago

I think mapping transactions is super important too.

upvoted 0 times

...

Ardella

4 months ago

Definitely need to understand users and devices first!

upvoted 0 times

...

Kayleigh

4 months ago

I recall that identifying what’s in the network is crucial, but I’m not sure if that’s the first step or if mapping transactions comes first.

upvoted 0 times

...

Armanda

4 months ago

I practiced a question similar to this, and I feel like enabling Cloud-Delivered Security Services could be a good starting point, but I’m not 100% confident.

upvoted 0 times

...

Pearlene

4 months ago

I'm not entirely sure, but I remember something about mapping transactions being important too. It might be one of the first steps.

upvoted 0 times

...

Gail

5 months ago

I think the first step should definitely be understanding the users and devices involved. That seems fundamental to Zero Trust.

upvoted 0 times

...

Tina

5 months ago

Definitely A and C. Those cover the core elements of understanding your environment and verifying transactions, which are critical for Zero Trust.

upvoted 0 times

...

Ernest

5 months ago

I'm a bit confused by the NGFW option - that seems more like an implementation detail rather than an initial step. I'd go with A and C.

upvoted 0 times

...

Rosalind

5 months ago

Okay, I see what they're looking for now. A and B seem like the most logical first steps to adopt Zero Trust principles.

upvoted 0 times

...

Pearlene

5 months ago

Hmm, I'm a bit unsure about the CDSS option - does that really fit with the "first two steps" requirement? I'm leaning more towards A and C.

upvoted 0 times

...

Ula

5 months ago

I think the key here is to focus on understanding the network and access points first, so I'd go with A and C.

upvoted 0 times

...

Dalene

1 year ago

Yes, mapping transactions helps in ensuring security.

upvoted 0 times

...

Alex

1 year ago

Haha, D is just asking for trouble. Throwing firewalls everywhere without understanding the landscape? Recipe for disaster!

upvoted 0 times

An

11 months ago

Thea: Exactly, jumping straight to D without proper understanding can lead to problems.

upvoted 0 times

...

Barrett

11 months ago

User 3: I agree, it's important to map out transactions and verify before adding more security measures.

upvoted 0 times

...

Thea

12 months ago

User 2: Definitely, A and C are crucial steps to take before implementing firewalls.

upvoted 0 times

...

Harrison

12 months ago

User 1: Yeah, D does seem risky. Understanding the network first is key.

upvoted 0 times

...

Tawny

1 year ago

I believe the second step is to map and verify transactions.

upvoted 0 times

...

Britt

1 year ago

B sounds interesting, but I think you'd want to have a good handle on the environment first before diving into cloud-based security services.

upvoted 0 times

Weldon

11 months ago

B sounds interesting, but I think you'd want to have a good handle on the environment first before diving into cloud-based security services.

upvoted 0 times

...

An

11 months ago

C) Map the transactions between users, applications, and data, then verify and inspect those transactions.

upvoted 0 times

...

Dona

11 months ago

A) Understand which users, devices, infrastructure, applications, data, and services are part of the network or have access to it.

upvoted 0 times

...

Jamika

1 year ago

I agree, A and C are definitely the way to go. You gotta know what you're protecting before you can start protecting it!

upvoted 0 times

Johnson

1 year ago

C) Map the transactions between users, applications, and data, then verify and inspect those transactions.

upvoted 0 times

...

Tiera

1 year ago

A) Understand which users, devices, infrastructure, applications, data, and services are part of the network or have access to it.

upvoted 0 times

...

Lindsay

1 year ago

I agree with Dalene, knowing what's in the network is crucial.

upvoted 0 times

...

Dalene

1 year ago

I think the first step is to understand the network components.

upvoted 0 times

...

Dell

1 year ago

A and C seem like the logical first steps to understand and map out the network before implementing any security controls.

upvoted 0 times

Casie

1 year ago

User 3: Ocie and Casie are right, understanding and mapping out the network is crucial before implementing security measures.

upvoted 0 times

...

Ocie

1 year ago

User 2: C) Map the transactions between users, applications, and data, then verify and inspect those transactions.

upvoted 0 times

...

Sabra

1 year ago

User 1: A) Understand which users, devices, infrastructure, applications, data, and services are part of the network or have access to it.

upvoted 0 times

...