Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

Where is the menu to configure quarantined devices in SCM?

A.

Quarantine Devices

B.

Quarantined Device List

C.

Security Events

D.

Device Groups

Which set of practices should be implemented with Cloud Access Security Broker (CASB) to ensure robust data encryption and protect sensitive information in SaaS applications?

A.

Do not enable encryption for data-at-rest to improve performance.

B.

Use default encryption keys provided by the SaaS provider.

C.

Perform annual encryption key rotations.

D.

Enable encryption for data-at-rest and in transit, regularly update encryption keys, and use strong encryption algorithms.

A network security engineer has created a Security policy in Prisma Access that includes a negated region in the source address. Which configuration will ensure there is no connectivity loss due to the negated region?

A.

Set the service to be application-default.

B.

Create a Security policy for the negated region with destination address “any”.

C.

Add a Dynamic Application Group to the Security policy.

D.

Add all regions that contain private IP addresses to the source address.

In a distributed enterprise implementing Prisma SD-WAN, which configuration element should be implemented first to ensure optimal traffic flow between remote sites and headquarters?

A.

Deploy redundant ION devices at each location.

B.

Implement dynamic path selection using real-time performance metrics.

C.

Configure static routes between all the branch offices.

D.

Enable split tunneling for all branch locations.

How are policies evaluated in the AWS management console when creating a Security policy for a Cloud NGFW?

A.

The administrator sets a rule order to determine the order in which they are evaluated.

B.

They can be dragged up or down the stack as they are evaluated.

C.

The administrator sets a rule priority to determine the order in which they are evaluated.

D.

They must be created in the order they are intended to be evaluated.

Which two SSH Proxy decryption profile settings should be configured to enhance the company’s security posture? (Choose two.)

A.

Block sessions when certificate validation fails.

B.

Allow sessions with legacy SSH protocol versions.

C.

Block connections that use non-compliant SSH versions.

D.

Allow sessions when decryption resources are unavailable.

How does Strata Logging Service help resolve ever-increasing log retention needs for a company using Prisma Access?

A.

It increases resilience due to decentralized collection and storage of logs.

B.

Automatic selection of physical data storage regions decreases adoption time.

C.

It can scale to meet the capacity needs of new locations as business grows.

D.

Log traffic using the licensed bandwidth purchased for Prisma Access reduces overhead.

Which two types of logs must be forwarded to Strata Logging Service for IoT Security to function? (Choose two.)

A.

WildFire

B.

Enhanced application

C.

Threat

D.

URL Filtering

What must be configured to successfully onboard a Prisma Access remote network using Strata Cloud Manager (SCM)?

A.

Cloud Identity Engine

B.

Autonomous Digital Experience Manager (ADEM)

C.

GlobalProtect agent

D.

IPSec termination node

During a security incident investigation, which Security profile will have logs of attempted confidential data exfiltration?

A.

File Blocking Profile

B.

Enterprise DLP Profile

C.

Vulnerability Protection Profile

D.

WildFire Analysis Profile