Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

PCSFE Exam Dumps - Palo Alto Networks Certified Software Firewall Engineer (PCSFE)

Go to page:
Question # 9

Why are containers uniquely suitable for runtime security based on allow lists?

A.

Containers have only a few defined processes that should ever be executed.

B.

Developers define the processes used in containers within the Dockerfile.

C.

Docker has a built-in runtime analysis capability to aid in allow listing.

D.

Operations teams know which processes are used within a container.

Full Access
Question # 10

Which two configuration options does Palo Alto Networks recommend for outbound high availability (HA) design in Amazon Web Services using a VM-Series firewall? (Choose two.)

A.

Transit VPC and Security VPC

B.

Traditional active-active HA

C.

Transit gateway and Security VPC

D.

Traditional active-passive HA

Full Access
Question # 11

What helps avoid split brain in active-passive high availability (HA) pair deployment?

A.

Using a standard traffic interface as the HA2 backup

B.

Enabling preemption on both firewalls in the HA pair

C.

Using the management interface as the HA1 backup link

D.

Using a standard traffic interface as the HA3 link

Full Access
Question # 12

Which technology allows for granular control of east-west traffic in a software-defined network?

A.

Routing

B.

Microseqmentation

C.

MAC Access Control List

D.

Virtualization

Full Access
Question # 13

Which Palo Alto Networks firewall provides network security when deploying a microservices-based application?

A.

PA-Series

B.

ICN-Series

C.

VM-Series

D.

HA-Series

Full Access
Question # 14

What Palo Alto Networks software firewall protects Amazon Web Services (AWS) deployments with network security delivered as a managed cloud service?

A.

VM-Series

B.

Cloud next-generation firewall

C.

CN-Series

D.

Ion-Series Ion-Series

Full Access
Question # 15

How is traffic directed to a Palo Alto Networks firewall integrated with Cisco ACI?

A.

By using contracts between endpoint groups that send traffic to the firewall using a shared policy

B.

Through a virtual machine (VM) monitor domain

C.

Through a policy-based redirect

D.

By creating an access policy

Full Access
Question # 16

How are CN-Series firewalls licensed?

A.

Data-plane vCPU

B.

Service-plane vCPU

C.

Management-plane vCPU

D.

Control-plane vCPU

Full Access
Go to page: