Palo Alto Networks Exam PSE-Strata-Pro-24 Topic 4 Question 12 Discussion

Actual exam question for Palo Alto Networks's PSE-Strata-Pro-24 exam

Question #: 12
Topic #: 4

Which use case is valid for Palo Alto Networks Next-Generation Firewalls (NGFWs)?

ACode-embedded NGFWs provide enhanced internet of things (IoT) security by allowing PAN-OS code to be run on devices that do not support embedded virtual machine (VM) images.

BServerless NGFW code security provides public cloud security for code-only deployments that do not leverage virtual machine (VM) instances or containerized services.

CIT/OT segmentation firewalls allow operational technology resources in plant networks to securely interface with IT resources in the corporate network.

DPAN-OS GlobalProtect gateways allow companies to run malware and exploit prevention modules on their endpoints without installing endpoint agents.

Show Suggested Answer

Suggested Answer: C

Palo Alto Networks Next-Generation Firewalls (NGFWs) provide robust security features across a variety of use cases. Let's analyze each option:

A . Code-embedded NGFWs provide enhanced IoT security by allowing PAN-OS code to be run on devices that do not support embedded VM images.

This statement is incorrect. NGFWs do not operate as 'code-embedded' solutions for IoT devices. Instead, they protect IoT devices through advanced threat prevention, device identification, and segmentation capabilities.

B . Serverless NGFW code security provides public cloud security for code-only deployments that do not leverage VM instances or containerized services.

This is not a valid use case. Palo Alto NGFWs provide security for public cloud environments using VM-series firewalls, CN-series (containerized firewalls), and Prisma Cloud for securing serverless architectures. NGFWs do not operate in 'code-only' environments.

C . IT/OT segmentation firewalls allow operational technology (OT) resources in plant networks to securely interface with IT resources in the corporate network.

This is a valid use case. Palo Alto NGFWs are widely used in industrial environments to provide IT/OT segmentation, ensuring that operational technology systems in plants or manufacturing facilities can securely communicate with IT networks while protecting against cross-segment threats. Features like App-ID, User-ID, and Threat Prevention are leveraged for this segmentation.

D . PAN-OS GlobalProtect gateways allow companies to run malware and exploit prevention modules on their endpoints without installing endpoint agents.

This is incorrect. GlobalProtect gateways provide secure remote access to corporate networks and extend the NGFW's threat prevention capabilities to endpoints, but endpoint agents are required to enforce malware and exploit prevention modules.

Key Takeaways:

IT/OT segmentation with NGFWs is a real and critical use case in industries like manufacturing and utilities.

The other options describe features or scenarios that are not applicable or valid for NGFWs.

Palo Alto Networks NGFW Use Cases

Industrial Security with NGFWs

by Lavera at Jun 11, 2025, 07:47 PM

Limited Time Offer

25%

Off

Get Premium PSE-Strata-Pro-24 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!