Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: s2p65

Easiest Solution 2 Pass Your Certification Exams

PSE-PrismaCloud Paloalto Networks PSE Palo Alto Networks System Engineer Professional - Prisma Cloud Free Practice Exam Questions (2025 Updated)

Prepare effectively for your Paloalto Networks PSE-PrismaCloud PSE Palo Alto Networks System Engineer Professional - Prisma Cloud certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Paloalto Networks PSE-PrismaCloud Premium Access     Download Demo    
Page: 1 / 2
Total 115 questions

An administrator deploys a VM-Series firewall into Amazon Web Services. Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?

A.

security group

B.

tags

C.

elastic ip address

D.

source/destination checking

Which two items are required when a VM-100 BYOL instance is upgraded to a VM-300 BYOL instance? (Choose two.)

A.

UUID

B.

new Auth Code

C.

CPU ID

D.

API Key

When protecting against attempts to exploit client-side and server-side vulnerabilities, what is the Palo Alto Networks best practice when using NGFW Vulnerability Protection Profiles?

A.

Use the default Vulnerability Protection Profile to protect clients from all known critical, high, and medium-severity threats

B.

Clone the predefined Strict Profile, with packet capture settings disabled

C.

Use the default Vulnerability Protection Profile to protect servers from all known critical, high, and medium-severity threats

D.

Clone the predefined Strict Profile, with packet capture settings enabled

What occurs with the command twistcli when scanning images?

A.

If options are listed after the image name; they will be ignored.

B.

If option "--user" is used, it is mandatory to use option "--password.

C.

If option "--address" is unspecified, all images are scanned.

D.

Option "--output-file" cannot be used in conjunction with option "--details."

A client has a sensitive internet-facing application server in Microsoft Azure and is concerned about resource exhaustion because of distributed denial-of-service attacks What can be configured on the VM-Series firewall to specifically protect this server against this type of attack?

A.

Custom threat signature

B.

Zone Protection Profile

C.

QoS Profile to limit incoming requests

D.

DoS Protection Profile with specific session counts

Which two resources provide operational insight within the Prisma Cloud Asset Inventory? (Choose two.)

A.

Cortex Data Lake

B.

Cloud Storage buckets

C.

Prisma Access Gateways

D.

Compute Engine instance

Which two templates are supported by Cloud Code Security scan service? (Choose two.)

A.

Azure Resource Manager (ARM)

B.

Hyper Text Markup Language (HTML)

C.

GitHub

D.

Terraform

Which two template formats are supported by the Prisma Cloud infrastructure as code (laC) scan service? (Choose two.)

A.

ARM

B.

XML

C.

YAML

D.

JSON

Which framework in Prisma Public Cloud can be used to provide general best practices when no specific legal requirements or regulatory standards need to be met?

A.

HIPAA

B.

CIS Benchmark

C.

Payment Card Industry DSS V3

D.

GDPR

What are the two options to dynamically register tags used by Dynamic Address Groups that are referenced in policy? (Choose two.)

A.

VM Monitoring

B.

External Dynamic List

C.

CFT Template

D.

XML API

Which RQL string returns a list of all Azure virtual machines that are not currently running?

A.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'

B.

config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"

C.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"

D.

config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"

What does Prisma Cloud execute to change public cloud infrastructure when autoremediation is enabled?

A.

local scripts to public cloud APIs

B.

remote function calls to host agents

C.

third-party integration tools

D.

public cloud CLI commands

Which RQL string searches for all EBS volumes that do not have a "DataClassification" tag?

A.

config where api.name = 'aws-ec2-describe-volumes, AND json.rule = tags[*]key contains DataClassification

B.

config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*]key != DataClassification

C.

config where api.name = ,aws-ec2-describe-volumes' AND json.rule = tags[*].key exists

D.

config where api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key = 1

Which Resource Query Language (RQL) query monitors all "delete" activities for the user "user1"?

A.

event where crud = 'delete’ AND subject = 'user1'

B.

event where crud = 'delete'

C.

event where crud = 'delete' AND subject = 'user1' AND cloud.type = 'aws'

D.

event where subject = 'user1'

What are two examples of Amazon Web Services logging services? (Choose two.)

A.

CloudLog

B.

CloudEvent

C.

CloudWatch

D.

CIoudTrail

Which Google Cloud Platform project shares its VPC networks with other projects?

A.

Service project

B.

Host project

C.

Admin project

D.

Subscribing project

What are two valid image identifiers to designate trust? (Choose two.)

A.

repo

B.

trusted publisher

C.

registry

D.

base layer

What are two business values of Cloud Code Security? (Choose two.)

A.

consistent controls from build time to runtime

B.

prebuilt and customizable polices to detect data such as personally identifiable information (PII) in publicly exposed objects

C.

support for multiple languages, runtimes and frameworks

D.

continuous monitoring of all could resources for vulnerabilities, misconfigurations, and other threats

Based on the diagram, prioritize the order in which the Virtual Gateway evaluates the best route based on the deterministic B6P Path selection process.

What subcommand invokes the Prisma Cloud Compute (PCC) edition image scanner?

A.

> twistcli images scan

B.

> twistcli project scan

C.

> twistcli scan projects

D.

> twistcli scan images

Paloalto Networks PSE-PrismaCloud Premium Access     Download Demo    
Page: 1 / 2
Total 115 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved