Special Summer Sale - Limited Time 70% Discount Offer - Ends in 1d 19h 19m 7s - Coupon code: mxmas70

Home > Paloalto Networks > PSE-Software Firewall Professional > PSE-SWFW-Pro-24

PSE-SWFW-Pro-24 Palo Alto Networks Systems Engineer Professional - Software Firewall Question and Answers

Question # 4

What are two characteristics of firewall flex credit profiles of a credit pool in the Palo Alto Networks Customer Support Portal? (Choose two.)

A.

Each VM-Series firewall deployment profile can be either fixed or flexible until defined and saved.

B.

All firewalls activated to a deployment profile will have the same subscriptions.

C.

The number of licensed cores must match the number of provisioned CPU cores per instance.

D.

Allocate credits for use with Cloud NGFW for AWS and Azure.

Full Access
Question # 5

Which three statements describe common characteristics of Cloud NGFW and VM-Series offerings? (Choose three.)

A.

In Azure, both offerings can be integrated directly into Virtual WAN hubs.

B.

In Azure and AWS, both offerings can be managed by Panorama.

C.

In AWS, both offerings can be managed by AWS Firewall Manager.

D.

In Azure, inbound destination NAT configuration also requires source NAT to maintain flow symmetry.

E.

In Azure and AWS, internal (east-west) flows can be inspected without any NAT.

Full Access
Question # 6

A prospective customer plans to migrate multiple applications to Amazon Web Services (AWS) and is considering deploying Palo Alto Networks NGFWs to protect these workloads from threats. The customer currently uses Panorama to manage on-premises firewalls and wants to avoid additional management complexity.

Which AWS deployment option meets the customer's technical and business value requirements while minimizing risk exposure?

A.

Software NGFW credits and Strata Cloud Manager (SCM)

B.

Cloud NGFWs and Panorama

C.

Cloud NGFWs and Strata Cloud Manager (SCM)

D.

Software NGFW credits and Panorama

Full Access
Question # 7

A company is sponsoring a cybersecurity conference for attendees interested in a range of cybersecurity products that include malware protection, SASE, automation products, and firewalls. The company will deliver a single 3–4 hour conference workshop.

Which cybersecurity portfolio tool will give workshop attendees the appropriate exposure to the widest variety of Palo Alto Networks products?

A.

Capture the Flag

B.

Ultimate Lab Environment

C.

Demo Environment

D.

Ultimate Test Drive

Full Access
Question # 8

Which tool can automate the deployment of VM-Series next-generation firewalls into supported public cloud service provider (CSP) environments?

A.

Panorama

B.

Terraform Automated Config agent

C.

Public Cloud Manager (PCM) tenant

D.

Docker Swarm

Full Access
Question # 9

What are three benefits of Palo Alto Networks VM-Series firewalls as they relate to direct integration with third-party network virtualization solution providers? (Choose three.)

A.

Integration with Cisco ACI allows insertion of a virtual firewall and enforcement of dynamic policies between endpoint groups without the need for manual policy adjustments.

B.

Integration with a third-party network virtualization solution allows management and deployment of the entire virtual network and hosts directly from Panorama.

C.

Integration with Nutanix AHV allows the firewall to be dynamically informed of changes in the environment and ensures policy is applied to virtual machines (VMs) as they join the network.

D.

Integration with VMware NSX provides comprehensive visibility and security of all virtualized data center traffic including intra-host ESXi virtual machine (VM) communications.

E.

Integration with network virtualization solution providers allows manual deployment and management of firewall rules through multiple interfaces and front ends specific to each technology.

Full Access
Question # 10

What is an advantage of using a Palo Alto Networks Cloud NGFW compared to deploying a VM-Series firewall in the cloud?

A.

Cloud NGFW integrates natively into the AWS management console.

B.

The customer maintains complete control of the Cloud NGFW.

C.

Layer 2 network functionality can be customized on Cloud NGFW.

D.

Cloud NGFW can easily be deployed using NGFW Software Credits.

Full Access
Question # 11

Which three Cloud NGFW management tasks are inherently performed by the service within AWS and Azure? (Choose three.)

A.

Horizontally scaling out to meet increased traffic demand

B.

Installing new content (applications and threats)

C.

Installing new PAN-OS software updates

D.

Blocking high-risk S2C threats in accordance with SOC2 compliance

E.

Decrypting high-risk SSL traffic

Full Access
Question # 12

Which two features offer the ability to manage Cloud NGFW in Azure or AWS? (Choose two.)

A.

Azure Firewall Portal

B.

Palo Alto Networks Ansible playbooks

C.

Panorama

D.

AWS Firewall Manager

Full Access
Question # 13

What are three Palo Alto Networks VM-Series firewall reference architecture deployment models? (Choose three.)

A.

Cloud NGFW for AWS: Combined Model

B.

AWS VM-Series: Isolated Transit Gateway

C.

Cloud NGFW for Azure: Virtual WAN integration

D.

GCP VM-Series: VPC network peering model with Shared VPC

E.

Azure VM-Series: Distributed VCN - common firewall

Full Access
Question # 14

Which three presales resources are available to field systems engineers for technical assistance, innovation consultation, and industry differentiation insights? (Choose three.)

A.

Palo Alto Networks consulting engineers

B.

Professional services delivery

C.

Technical account managers

D.

Reference architectures

E.

Palo Alto Networks principal solutions architects

Full Access
Question # 15

What are two methods or tools to directly automate the deployment of VM-Series NGFWs into supported public clouds? (Choose two.)

A.

GitHub PaloAltoNetworks Terraform SWFW modules

B.

Deployment configuration in the public cloud Panorama plugins

C.

paloaltonetworks.panos Ansible collection

D.

panos Terraform provider

Full Access
Question # 16

Which three Palo Alto Networks firewalls protect public cloud environments? (Choose three.)

A.

CN-Series firewall

B.

PA-Series firewall

C.

Cloud NGFW

D.

VM-Series firewall

E.

Cloud ION Blade firewall

Full Access
Question # 17

A Cloud NGFW for Azure can be deployed to which two environments? (Choose two.)

A.

Azure Kubernetes Service (AKS)

B.

Azure Virtual WAN

C.

Azure DevOps

D.

Azure VNET

Full Access
Question # 18

A company has purchased Palo Alto Networks Software NGFW credits and wants to run PAN-OS 11.x virtual machines (VMs).

Which two types of VMs can be selected when creating the deployment profile? (Choose two.)

A.

VM-100

B.

Fixed vCPU models

C.

Flexible model of working memory

D.

Flexible vCPUs

Full Access
Question # 19

What are three benefits of using Palo Alto Networks software firewalls in public cloud, private cloud, and hybrid cloud environments? (Choose three.)

A.

They allow for centralized management of all firewalls, regardless of where or how they are deployed.

B.

They allow for complex management of per-use case security needs through multiple point products.

C.

They provide consistent policy enforcement across all architectures, whether on-premises or in the cloud.

D.

They allow management of underlying public cloud architecture without needing to leave the firewall itself.

E.

They create a simplified consumption and deployment model throughout the production environment.

Full Access
Question # 20

Which statement describes a benefit of using automation tools like Ansible, Terraform, or pan-os-python to manage PAN-OS firewalls and Panorama?

A.

It will automatically optimize PAN-OS device performance without requiring any input from the administrator.

B.

It will completely replace the PAN-OS web interface for all management tasks.

C.

It eliminates the need to understand PAN-OS configuration concepts and best practices.

D.

It maintains consistency and reduces the risk of human error when managing multiple PAN-OS devices.

Full Access
Question # 21

Tags can be created for which three objects? (Choose three.)

A.

Address groups

B.

Dynamic NAT objects

C.

External dynamic lists

D.

Address objects

E.

Service groups

Full Access
Question # 22

Which statement correctly describes behavior when using Ansible to automate configuration changes on a PAN-OS firewall or in Panorama?

A.

Ansible can only be used to automate configuration changes on physical firewalls but not virtual firewalls.

B.

Ansible requires direct access to the firewall’s CLI to make changes.

C.

Ansible uses the XML API to make configuration changes to PAN-OS.

D.

Ansible requires the use of Python to create playbooks.

Full Access
Question # 23

Which three methods may be used to deploy CN-Series firewalls? (Choose three.)

A.

Terraform templates

B.

Panorama plugin for Kubernetes

C.

YAML file

D.

Helm charts

E.

Docker Swarm

Full Access
Question # 24

Which two products can be deployed using Terraform for automation and integration? (Choose two.)

A.

PA-Series firewall

B.

VM-Series firewall

C.

CN-Series firewall

D.

Cloud NGFW

Full Access
Question # 25

Per reference architecture, which default PAN-OS configuration should be overridden to make VM-Series firewall deployments in the public cloud more secure?

A.

Intrazone-default rule action and logging

B.

Intrazone-default rule service

C.

Interzone-default rule action and logging

D.

Interzone-default rule service

Full Access