Palo Alto Networks PSE-Strata Exam - Topic 1 Question 14 Discussion

Actual exam question for Palo Alto Networks's PSE-Strata exam

Question #: 14
Topic #: 1

A client chooses to not block uncategorized websites.

Which two additions should be made to help provide some protection? (Choose two.)

AA URL filtering profile with the action set to continue for unknown URL categories to security policy rules that allow web access

BA data filtering profile with a custom data pattern to security policy rules that deny uncategorized websites

CA file blocking profile attached to security policy rules that allow uncategorized websites to help reduce the risk of drive by downloads

DA security policy rule using only known URL categories with the action set to allow

Show Suggested Answer

Suggested Answer: A, D

by Pete at May 06, 2022, 05:39 PM

Limited Time Offer

25%

Off

Get Premium PSE-Strata Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Simona

4 months ago

C makes sense, but I’m skeptical about its effectiveness.

upvoted 0 times

...

Marti

4 months ago

A is a must, but D feels too lenient to me.

upvoted 0 times

...

Mila

4 months ago

Wait, why would you allow uncategorized sites at all? Seems risky!

upvoted 0 times

...

Alica

4 months ago

I think B could work too, but not sure if it's necessary.

upvoted 0 times

...

Glenna

4 months ago

Definitely A and C for better protection!

upvoted 0 times

...

Tamesha

5 months ago

I’m a bit confused about option D; it seems like it would limit access too much, but I guess it could work if we only want known categories.

upvoted 0 times

...

Bettyann

5 months ago

I practiced a similar question where file blocking was important, so I feel like option C could be a good addition to reduce risks.

upvoted 0 times

...

Lindy

5 months ago

I think option B makes sense because denying uncategorized websites could help, but I can't recall if a custom data pattern is necessary.

upvoted 0 times

...

Marylin

5 months ago

I remember we discussed URL filtering profiles in class, but I'm not sure if option A is the best choice since it allows unknown categories.

upvoted 0 times

...

Frederica

5 months ago

Hmm, I'm a bit confused. I need to check the namespace details and the Deployment configuration to make sure I understand the requirements fully before attempting to update anything.

upvoted 0 times

...

Katina

5 months ago

I recall a similar practice question about vulnerabilities. The answer was definitely not Trojan, but zero-day sounds familiar.

upvoted 0 times

...

Junita

5 months ago

This seems like a straightforward question. I think providing the team with a preconfigured domain archive file would be the most efficient solution.

upvoted 0 times

...

Elenore

5 months ago

Okay, I think I've got a handle on this. Let me jot down a quick strategy before I start selecting the answers.

upvoted 0 times

...

Johana

5 months ago

Hmm, I'm a bit confused by the wording here. I'll need to re-read the question to make sure I understand it fully.

upvoted 0 times

...