
Test-Palo Alto Networks Accredited Systems Engineer (PSE): Endpoint Associate Accreditation Exam [Japanese 1 Japanese]

Test Questions

Question 1 of 25.

Which of the following activities shouldn't be highlighted during the Traps demonstration?

0 Viewing defense events on the Traps Management Services web interface
0 Exploit technology protection with Traps EPM
0 Traps multi-method malware protection
® Disable or remove the Traps agent

Question 2 of 25.

Which is the correct description for the Traps Management Service Security Event Log?

0 Log system events are reported by the Traps agent.


® Logs are generated by the defense module when a threat occurs on the endpoint.
0 A record of configurations, policies, and system events is reported by the Traps Management Service.
0 Status records for all log files are collected by the Traps Management Service.

Question 3 of 25.

What items are not included in the content update?

0 Update to local analysis model
0 New trusted source
0 New default policy rule
® New EPM

Question 4 of 25.

Which of the following skills exceed your expectations as a PSE Endpoint Associate certified person?

® Demonstration of Traps products


0 Sell Traps products to your technical staff.
0 Appeal Traps products to competitor products
0 Implement the Traps solution in your environment.
0 Traps Solution Design

Question 5 of 25.

Choose right or wrong: WildFire detects malware using both static and dynamic analysis mechanisms.

® True
0 False

Question 6 of 25.

Which of the following describes the characteristics of the malware executable? (Please select two.)

0 It depends on the legitimate application reading the file.
0 It can take the form of executable code or script.
@ Malicious and acts against the intent of computer users.
@ Included in application data files such as PDF, JPEG or HTML files.

Question 7 of 25.

Which of the following exception types is not valid in the Traps management service?

0 Support Exception
0 Hash Exception
0 Process Exception
® Administrator Exception

Question 8 of 25.

What does Traps use to thwart exploit techniques?

0 Logic flaws
® exploit protection modules (EPM)
0 Memory corruption
0 malware protection modules (MPM)

Question 9 of 25.

How Does EPM Prevent Exploit Attacks?

0 Use local static analysis.


0 Focus on software patching.
® Focus on exploit technology.
0 Use a trusted signer.

Question 10 of 25.

Which of the two locations will Traps forward logs to? (Please select two.)

0 FTP server
@ Panorama
0 Next generation firewall
@ syslog server
0 SNMP Trap

Question 11 of 25.

Which is the correct description about local analysis?

0 Local analysis is done for all decisions in the executable, even if WildFire decisions are present.
0 If the executable is determined to be unknown or not connected, a local analysis will be performed.
0 Palo Alto Networks uses large datasets to create local analyses.
® Traps endpoint agent software builds a local analysis model based on the detected executables.

Question 12 of 25.

Which of the following statements is correct when a user receives an email with an attached file containing an exploit?

0 Exploits can only work when a buffer overflow is initiated.


0 Exploits can only work if the attacker's system has the corresponding application installed.
® Exploits are launched by simply previewing the attachment.
0 Exploits can only do damage if they download malware.

Question 13 of 25.

What are the differentiators of Traps? (Please select three.)

0 Advance patching of servers and endpoints


@ Automatic conversion from threat intelligence to defense
@ Persistent defense
@ Multi-method defense

Question 14 of 25.

How does Traps complement Palo Alto Networks perimeter protection?

0 The ESM server sends the hash of the file directly to the Palo Alto Networks firewall.
0 Information about threats has been uploaded to the Traps agent.
0 The Traps endpoint sends threat signatures directly to the Palo Alto Networks firewall.
® Endpoints are sometimes used outside the boundaries of corporate networks.

Question 15 of 25.

Which of the following is correct about the scans in the Traps Management Service?

0 Supported by all agent types.


® Help companies comply with laws and regulations.
0 Supports macOS endpoints only.
0 Protection and defense features.

Question 16 of 25.

Which is the correct description for the Traps execution limit?

0 Included in regular content updates.


0 Used to identify which EPM applies to a given process.
0 Used to blacklist or whitelist files for the MPM process to continue.
® Limit the attack surface of the endpoint by defining where and how the user can execute the executable.

Question 17 of 25.

Which of the following is correct about the quarantine function of Traps?

0 Traps moves malware from local folders or from removable hard drives to ESM censored folders.
0 Traps moves malware from local folders or removable hard drives to the ESM Quarantine Server.
® File restoration can be done via the Traps agent console.
0 Traps moves malware from local folders or from removable hard drives to local quarantine folders.

Question 18 of 25.

Which two attack vectors (routes) can Traps protect? (Please select two.)

0 Branch / branch firewall


@ Data center server
0 Internet perimeter firewall
@ End user workstation

Question 19 of 25.

Which endpoint solution type describes Traps most accurately?

0 Endpoint management solution


0 Detection and response solutions
0 Repair solution
® Defense solution

Question 20 of 25.

What is the HTTP address of the cloud service portal?

0 https://services.paloaltonetworks.com
0 https://portal.paloaltonetworks.com
0 https://csp.paloaltonetworks.com
® https://apps.paloaltonetworks.com

Question 21 of 25.

Which of the following is not a category of exploit technology?

® Stacked canary exploit technology such as CVE-2012-1313


0 Malicious code by variables Technology that targets logic flaws such as masquerading
0 Code execution techniques, such as embedding malicious code in application data files
0 Memory damage technology such as Heap Spray and ROP chains

Question 22 of 25.

Which is the correct statement about malware detection?

0 When the Traps agent attempts to access a file for determination, if the active ESM server is unavailable, the file status is registered as safe.
0 The judgment of local analysis has priority over the judgment of WildFire.
® End users can use the Traps console to override the malware verdict.
0 If the active ESM server tries to contact WildFire for a decision and WildFire is not available, the endpoint gets the decision from local parsing.

Question 23 of 25.

Which Palo Alto Networks cloud service is used by the Traps management service?

0 Magnifier service
® Directory synchronization service
0 Reporting service
0 Domain name service

Question 24 of 25.

What are the three types of files Traps sends to WildFire for malware analysis? (Please select three.)

0 Adobe Flash file


@ MachO files for macOS (Macho)
@ All executable files
@ Excel and Word documents containing macros

Question 25 of 25.

Which is the correct description for a file hash?

0 The ESM server sends the hash of the PDF file to WildFire.
0 WildFire automatically updates the EMS server cache daily with hashes of known files from other customers.
0 The ESM server sends hashes of PDF files and MS Office files to the local cache folder.
® The Traps agent caches the hash of the determined executable file.
