PSE-SASE Palo Alto Networks System Engineer Professional-SASEExam Questions and Answers

cloud-native, cloud-based delivery

converged WAN edge and network security

broad network-edge support

identity and network location

Step 4: Create the Zero Trust Policy

Step 3: Architect a Zero Trust Network

Step 1: Define the Protect Surface

Step 5: Monitor and Maintain the Network

GlobalProtect

Broker VM

explicit proxy

system-wide proxy

cost savings

data protection

increased licensing requirements

increased performance

decreased reliance on best practices

It stops attacks that use DNS for command and control or data theft.

It feeds threat intelligence into an automation engine for rapid and consistent protections.

It classifies sites based on content, features, and safety.

It continuously validates every stage of a digital interaction.

50 Mbps

175 Mbps

250 Mbps

25 Mbps

automation of UI workflow without any code development and deployment of Prisma SD-WAN ION devices

utilization of near real-time analysis to detect previously unseen, targeted malware and advanced persistent threats

identification of port-based rules so they can be converted to application-based rules without compromising application availability

configuration of the authentication source once instead of for each authentication method used

It enables definition of the privileges and responsibilities of administrative users in a network.

It allows configuration to forward logs to external logging destinations, such as syslog servers.

It steers traffic and defines networking and security policies from an application-centric perspective, rather than a packet-based approach.

It provides the ability to push common configurations, configuration updates, and software upgrades to all or a subset of the managed appliances.

remote browser isolation

secure web gateway (SWG)

network sandbox

DNS Security

Infrastructure as a Service (IaaS)

remote browser isolation

network sandbox

Firewall as a Service (FWaaS)

Autonomous Digital Experience Management (ADEM)

firewall as a service (FWaaS)

Threat Intelligence Platform (TIP)

security information and event management (SIEM)

Administrator can allocate up to 120% of the total bandwidth purchased for aggregate locations to support traffic peaks.

Administrator must assign a minimum of 50 MB to any compute location that will support remote networks.

Administrator is not required to allocate all purchased bandwidth to compute locations for the configuration to be valid.

Bandwidth that is allocated to a compute location is statically and evenly distributed across remote networks in that location.

Internet of Things (IOT) Security is included with each license.

It provides cloud-based, centralized log storage and aggregation.

It is a perpetual license required to enable support for multiple virtual systems on PA-3200 Series firewalls.

For remote network and Clean Pipe deployments, a unit is defined as 1 Mbps of bandwidth.

Step 4: Create the Zero Trust policy

Step 3: Architect a Zero Trust network

Step 1: Define the protect surface

Step 5: Monitor and maintain the network

SCP Proxy

SSL Inbound Proxy

SSH Forward Proxy

SSL Forward Proxy