
PSE-SASE練習テスト問題解答には更新された67問があります
PSE-SASE問題集はSASE Professional合格確定させる練習で67問があります
質問 22
Users connect to a server in the data center for file sharing. The organization wants to decrypt the traffic to this server in order to scan the files being uploaded and downloaded to determine if malware or sensitive data is being moved by users.
Which proxy should be used to decrypt this traffic?
- A. SCP Proxy
- B. SSL Forward Proxy
- C. SSH Forward Proxy
- D. SSL Inbound Proxy
正解: D
質問 23
What allows enforcement of policies based on business intent, enables dynamic path selection, and provides visibility into performance and availability for applications and networks?
- A. Identity Access Management (IAM) methods
- B. Firewall as a Service (FWaaS)
- C. Cloud Access Security Broker (CASB)
- D. Instant-On Network (ION) devices
正解: B
質問 24
Which CLI command allows visibility into SD-WAN events such as path selection and path quality measurements?
- A. >show sdwan connection all |
- B. >show sdwan session distribution policy-name
- C. >show sdwan path-monitor stats vif
- D. >show sdwan event
正解: D
質問 25
Which two point products are consolidated into the Prisma secure access service edge (SASE) platform?
(Choose two.)
- A. Autonomous Digital Experience Management (ADEM)
- B. Threat Intelligence Platform (TIP)
- C. firewall as a service (FWaaS)
- D. security information and event management (SIEM)
正解: A,C
質問 26
What is a benefit of deploying secure access service edge (SASE) with a secure web gateway (SWG) over a SASE solution without a SWG?
- A. It creates tunnels that allow users and systems to connect securely over a public network as if they were connecting over a local area network (LAN).
- B. Protection is offered in the cloud through a unified platform for complete visibility and precise control over web access while enforcing security policies that protect users from hostile websites.
- C. It prepares the keys and certificates required for decryption, creating decryption profiles and policies, and configuring decryption port mirroring.
- D. A heartbeat connection between the firewall peers ensures seamless failover in the event that a peer goes down.
正解: B
質問 27
What is feature of Autonomous Digital Experience Management (ADEM)?
- A. It applies configuration changes and provides credential management, role-based controls, and a playbook repository.
- B. It provides IT teams with single-pane visibility that leverages endpoint, simulated, and real-time user traffic data to provide the most complete picture of user traffic flows possible.
- C. It natively ingests, normalizes, and integrates granular data across the security infrastructure at nearly half the cost of legacy security products attempting to solve the problem.
- D. It provides customized forms to collect and validate necessary parameters from the requester.
正解: B
質問 28
What is a disadvantage of proxy secure access service edge (SASE) when compared to an inline SASE solution?
- A. Proxy solutions require an unprecedented level of interconnectivity.
- B. Exclusive use of web proxies leads to significant blind spots in traffic and an inability to identify applications and threats on non-standard ports or across multiple protocols.
- C. Teams added additional tools to web proxies that promised to solve point problems, resulting in a fragmented and ineffective security architecture.
- D. Proxies force policy actions to be treated as business decisions instead of compromises due to technical limitations.
正解: B
質問 29
In which step of the Five-Step Methodology of Zero Trust are application access and user access defined?
- A. Step 5: Monitor and Maintain the Network
- B. Step 4: Create the Zero Trust Policy
- C. Step 1: Define the Protect Surface
- D. Step 3: Architect a Zero Trust Network
正解: B
質問 30
What are two benefits provided to an organization using a secure web gateway (SWG)? (Choose two.)
- A. VPNs remain connected, reducing user risk exposure.
- B. Security policies for making internet access safer are enforced.
- C. Access to inappropriate websites or content is blocked based on acceptable use policies.
- D. An encrypted challenge-response mechanism obtains user credentials from the browser.
正解: B,C
質問 31
How does SaaS Security Inline help prevent the data security risks of unsanctioned security-as-a-service (SaaS) application usage on a network?
- A. It prevents credential theft by controlling sites to which users can submit their corporate credentials.
- B. It provides mobility solutions and/or large-scale virtual private network (VPN) capabilities.
- C. It offers risk scoring, analytics, reporting, and Security policy rule authoring.
- D. It provides built-in external dynamic lists (EDLs) that secure the network against malicious hosts.
正解: D
質問 32
Organizations that require remote browser isolation (RBI) to protect their users can automate connectivity to third-party RBI products with which platform?
- A. CloudBlades API
- B. Zero Trust
- C. SaaS Security API
- D. GlobalProtect
正解: B
質問 33
How does the secure access service edge (SASE) security model provide cost savings to organizations?
- A. The single platform reduces costs compared to buying and managing multiple point products.
- B. The content inspection integration allows third-party assessment, which reduces the cost of contract services.
- C. The increased complexity of the model over previous products reduces IT team staffing costs.
- D. The compact size of the components involved reduces overhead costs, as less physical space is needed.
正解: B
質問 34
What is a key benefit of CloudBlades?
- A. utilization of near real-time analysis to detect previously unseen, targeted malware and advanced persistent threats
- B. identification of port-based rules so they can be converted to application-based rules without compromising application availability
- C. configuration of the authentication source once instead of for each authentication method used
- D. automation of UI workflow without any code development and deployment of Prisma SD-WAN ION devices
正解: D
質問 35
How does SaaS Security Inline provide a consistent management experience?
- A. automatically forwards samples for WildFire analysis
- B. user credentials required before accessing the resource
- C. uses advanced predictive analysis and machine learning (ML)
- D. integrates with existing security
正解: D
質問 36
A customer currently has 150 Mbps of capacity at a site. Records show that, on average, a total of 30 Mbps of bandwidth is used for the two links.
What is the appropriate Prisma SD-WAN license for this site?
- A. 50 Mbps
- B. 175 Mbps
- C. 250 Mbps
- D. 25 Mbps
正解: A
質問 37
Which product continuously monitors each segment from the endpoint to the application and identifies baseline metrics for each application?
- A. WildFire
- B. Autonomous Digital Experience Management (ADEM)
- C. App-ID Cloud Engine (ACE)
- D. CloudBlades
正解: B
質問 38
What is an advantage of next-generation SD-WAN over legacy SD-WAN solutions?
- A. It allows configuration to forward logs to external logging destinations, such as syslog servers.
- B. It steers traffic and defines networking and security policies from an application-centric perspective, rather than a packet-based approach.
- C. It enables definition of the privileges and responsibilities of administrative users in a network.
- D. It provides the ability to push common configurations, configuration updates, and software upgrades to all or a subset of the managed appliances.
正解: B
質問 39
Which two statements apply to features of aggregate bandwidth allocation in Prisma Access for remote networks? (Choose two.)
- A. Administrator is not required to allocate all purchased bandwidth to compute locations for the configuration to be valid.
- B. Bandwidth that is allocated to a compute location is statically and evenly distributed across remote networks in that location.
- C. Administrator must assign a minimum of 50 MB to any compute location that will support remote networks.
- D. Administrator can allocate up to 120% of the total bandwidth purchased for aggregate locations to support traffic peaks.
正解: A,D
質問 40
Which connection method allows secure web gateway (SWG) access to internet-based SaaS applications using HTTP and HTTPS protocols?
- A. explicit proxy
- B. Broker VM
- C. system-wide proxy
- D. GlobalProtect
正解: D
質問 41
What are three ways the secure access service edge (SASE) model can help an organization? (Choose three.)
- A. data protection
- B. cost savings
- C. increased licensing requirements
- D. decreased reliance on best practices
- E. increased performance
正解: A,B,E
質問 42
......
最新PSE-SASE試験問題にはリアルなPSE-SASE問題集があります:https://jp.fast2test.com/PSE-SASE-premium-file.html
最新PSE-SASE認証有効な試験問題集解答を試そう!:https://drive.google.com/open?id=1EJ3gtceN6bacDAgxpaGQQgRRNTWrBog_