Free Palo Alto Networks PSE-Endpoint Exam Dumps and PSE-Endpoint Exam Questions

Question No: 1

MultipleChoice

A customer has an environment with the following:

• 1,000 agents communicating over SSL with two servers - one containing the ESM Server and another one where the ESM Console is installed

• BitsUploads resides on the ESM Console server

• ESM Server and Console are using the default pods tor communication

In a scenario where a file is failing to be uploaded from macOS, which three reasons could be directly related to the failure? (Choose three.)

Options

ATraps agent is not able to check in with the ESM Server

BThe rate of upload is lower than 100Kb/S

CThe BITS address in the ESM is incorrect

DPort 2125 is blocked on the server which hosts BitsUploads

EPort 443 is blocked on the server which hosts BitsUploads

Question No: 2

MultipleChoice

The administrator has added the following whitelist to the WildFire Executable Files policy.

*mysoftware.exe

What will be the result of this whitelist?

Options

Ausers will not be able to run mysoftware.exe.

Bmysoftware.exe will be uploaded to WildFire for analysis

Cmysoftware.exe will not be analyzed by WildFire regardless of the file location.

Dmysoftware.exe will not be analyzed by WildFire, but only if executed from the C drive.

Question No: 3

MultipleChoice

An administrator would like to add Google Chrome and Google Chrome Helper to the exploit prevention policy for macOS. In order to achieve this task, which option should be added to the macOS protected processes list?

Options

Achrome app

Bgoogle chrome and google chrome helper

Cchrome*

Dgoogle chrome

Question No: 4

MultipleChoice

Files are not getting a WildFire verdict.

What is one way to determine whether there is a BITS issue?

Options

ACheck the upload status in the hash control screen

BRun a telnet command between Traps agent and ESM Server on port 2125

CUse PowerShell to test upload using HTTP POST method

DInitiate a 'Send support file' from the agent

Question No: 5

MultipleChoice

A deployment contains some machines that are not part of the domain. The Accounting and Sales departments are two of these.

How can a policy of WildFire notification be applied to Accounting, and a policy of WildFire prevention be applied to Sales, while not affecting any other WildFire policies?

Options

ACreate the rules and use the Objects tab to add Accounting and Sales to each rule they should apply to.

BCreate a condition for an application found on an Accounting machine. Use that condition for the Accounting groups rule, and create the rule tor Sales without any conditions.

CCreate two rules for WildFire: one for prevention, and one for notification. Make sure the Accounting rule is numbered higher.

DCreate group-specific registry entries on endpoints. Use these registry entries to create conditions for the WildFire rules

Question No: 6

MultipleChoice

A company is using a Web Gateway/Proxy for all outbound connections. The company has deployed Traps within the domain and in testing, discovered that the ESM Servers are unable to communicate with WildFire. All other Traps features are working. What is the most likely cause of the issue?

Options

AThe administrator needs to configure WildFire proxy settings in each Agent Console.

BThe administrator needs to configure WildFire proxy settings in the ESM Console and in each Agent Console.

CThe Administrator needs to purchase the additional site license required for WildFire.

DThe Administrator needs to configure WildFire proxy settings in the ESM Console.

Question No: 7

MultipleChoice

Which software category is most likely to cause a conflict with the Traps agent?

Options

AExploit prevention software

BWeb browser software

CWeb meeting and collaboration software

DFull disk encryption software

Question No: 8

MultipleChoice

What is the default interval for Traps agents to communicate via heartbeat to the ESM?

Options

AEvery 1 Minute

BEvery 1 Hour

CEvery 1 Day

DEvery 1 year

Question No: 9

MultipleChoice

In a scenario that macOS Traps logs failed to be uploaded to the forensic folder, where will the user on the macOS host be able to find to collected logs?

Options

A/ProgramData/Cyvera/Logs

B/ProgramData/Cyvera/Everyone/Temp

C/Library/Application Support/Cyvera/BITS Uploads/

D/Library/Application Support/PaloAltoNetworks/Traps/Upload/

Question No: 10

MultipleChoice

An Administrator has identified an EPM-triggered false positive and has used the Create Rule button from within the relevant entry in the Security Events > Preventions > Exploits tab. What is the result of the created rule?

Options

AThe new rule stops all EPM injection into the faulted process.

BThe new rule stops all EPM injection into processes on the machine on which the prevention was triggered.

CThe new rule excludes the endpoint from Traps protection.

DThe new rule will include the EPM that raised the prevention, the process that triggered the prevention, the machine on which the prevention was triggered, and a descriptive name for the rule.