[30/July/2018 Updated] Pass PSE-Endpoint – Professional Exam By Training PassLeader Free PSE-Endpoint – Professional Study Materials (Part A)

New Updated PSE-Endpoint – Professional Exam Questions from PassLeader PSE-Endpoint – Professional PDF dumps! Welcome to download the newest PassLeader PSE-Endpoint – Professional VCE dumps: https://www.passleader.com/pse-endpoint.html (50 Q&As)

Keywords: PSE-Endpoint – Professional exam dumps, PSE-Endpoint – Professional exam questions, PSE-Endpoint – Professional VCE dumps, PSE-Endpoint – Professional PDF dumps, PSE-Endpoint – Professional practice tests, PSE-Endpoint – Professional study guide, PSE-Endpoint – Professional braindumps, Palo Alto Networks PSE-Endpoint – Professional Exam

P.S. New PSE-Endpoint – Professional dumps PDF: https://drive.google.com/open?id=17Ss-ZFHiBqSZZf9iClCnjHKFkp3VuMB6

P.S. New PSE-Platform – Professional dumps PDF: https://drive.google.com/open?id=1rS9soZUvQXWQlPr_0nzTnkcuKvPPmnZG

QUESTION 1
To ensure that the Traps VDI tool can obtain verdicts for all unknown files what are the things that needs to be checked? Assuming ESM Console and ESM Server are on different servers. (Choose two.)

A.    ESM Server can access WildFire Server.
B.    Endpoint can access WildFire Server.
C.    ESM Console can access WildFire Server.
D.    Endpoint can access ESM Server.

Answer: AD

QUESTION 2
Which set of modules must be loaded and configured when using Metasploit?

A.    Attacker, payload
B.    Exploit, payload
C.    Exploit, malware
D.    Malware, host

Answer: C

QUESTION 3
Which MSI command line parameters will successfully install a Traps agent using SSL and pointed to server ESM?

A.    msiexec /i c:\traps.msi /qn TRAPS_SERVER=ESM USE_SSL_PRIMARY=1
B.    msiexec /i c:\traps.msi /qn CYVERA_SERVER=ESM USE_SSL_PRIMARY=1
C.    msiexec /i c:\traps.msi /qn ESM_SERVER=ESM USE_SSL_PRIMARY=1
D.    msiexec /x c:\traps.msi /qn SERVER=ESM USE_SSL_PRIMARY=1

Answer: B

QUESTION 4
Which two enhanced key usage purposes are necessary when creating an SSL certificate for an ESM server? (Choose two.)

A.    File Recovery
B.    Server Authentication
C.    Client Authentication
D.    Key Recovery

Answer: BC

QUESTION 5
In a scenario that macOS Traps logs failed to be uploaded to the forensic folder, where will the user on the macOS host be able to find to collected logs?

A.    /ProgramData/Cyvera/Logs
B.    /ProgramData/Cyvera/Everyone/Temp
C.    /Library/Application Support/Cyvera/BITS Uploads/
D.    /Library/Application Support/PaloAltoNetworks/Traps/Upload/

Answer: D

QUESTION 6
Traps agents use a default password for uninstallation in the event that they never communicate with their ESM server. Identify which of the following password is correct?

A.    PaloAlto!
B.    Uninstall1
C.    No password is required
D.    Password1

Answer: D

QUESTION 7
Uploads to the ESM Sever are failing. How can the mechanism for forensic and WildFire uploads be tested from the endpoint?

A.    Use BITS commands in PowerShell to send a file to the ESM Server.
B.    Use curl to execute a POST operation.
C.    Use SCP commands from a ssh client to transfer a file to the ESM Server.
D.    Click Check-in now in the agent console.

Answer: D

QUESTION 8
The administrator has added the following whitelist to the WildFire Executable Files policy:
*\mysoftware.exe
What will be the result of this whitelist?

A.    users will not be able to run mysoftware.exe
B.    mysoftware.exe will be uploaded to WildFire for analysis
C.    mysoftware.exe will not be analyzed by WildFire regardless of the file location
D.    mysoftware.exe will not be analyzed by WildFire, but only if executed from the C drive

Answer: B

QUESTION 9
In a scenario where winword.exe, Microsoft Word application, is behaving abnormally, how would the administrator verify if Traps DLLs are injected to the process?

A.    Run cytool policy winword.exe.
B.    Use Process Explore to find Traps DLLs injected to the process.
C.    Open the add-ins tab in Word’s options to find Traps add-in.
D.    Use ‘Ninja mode’ in the policy editing screen in the ESM to find winword.exe.

Answer: B

QUESTION 10
Assume a Child Process Protection rule exists for powershell.exe in Traps v 4.0. Among the items on the blacklist is ipconfig.exe. How can an administrator permit powershell.exe to execute ipconfig.exe without altering the rest of the blacklist?

A.    Add ipconfig.exe to the Global Child Processes Whitelist, under Restriction settings.
B.    Uninstall and reinstall the traps agent.
C.    Create a second Child Process Protection rule for powershell.exe to whitelist ipconfig.exe.
D.    Remove ipconfig.exe from the rule’s blacklist.

Answer: A

QUESTION 11
Which software category is most likely to cause a conflict with the Traps agent?

A.    Exploit prevention software
B.    Web browser software
C.    Web meeting and collaboration software
D.    Full disk encryption software

Answer: A

QUESTION 12
A deployment contains some machines that are not part of the domain. The Accounting and Sales departments are two of these. How can a policy of WildFire notification be applied to Accounting, and a policy of WildFire prevention be applied to Sales, while not affecting any other WildFire policies?

A.    Create the rules and use the Objects tab to add Accounting and Sales to each rule they should apply to.
B.    Create a condition for an application found on an Accounting machine.
Use that condition for the Accounting groups rule, and create the rule tor Sales without any conditions.
C.    Create two rules for WildFire: one for prevention, and one for notification.
Make sure the Accounting rule is numbered higher.
D.    Create group-specific registry entries on endpoints.
Use these registry entries to create conditions for the WildFire rules.

Answer: C

QUESTION 13
An administrator is concerned about rogue installs of Internet Explorer. Which policy can be created to assure that Internet Explorer can only run from the \Program Files \Internet Explorer \directory?

A.    An execution path policy to blacklist iexplore.exe, and whitelist entry for %programfiles%\iexplore.exe.
B.    An execution path policy to blacklist *\iexplore.exe. Trusted signers will allow the default iexplore.exe.
C.    A whitelist of *\iexplore.exe with an execution path restriction, and a blackfirst of %system%\iexplore.exe.
D.    An execution path policy to blacklist *\iexplore.exe, and a whitelist entry for %programfiles%\Internet Explorer\iexplore.exe.

Answer: D

QUESTION 14
When planning to test a software exploit using a Metasploit module, what two options should be considered about the victim host to ensure success? (Choose two.)

A.    USB port version of the victim host.
B.    Speed and make of the victim’s RAM.
C.    Software version of the target application.
D.    Platform, architecture, and patch level of the victim host.

Answer: AC

QUESTION 15
An administrator receives an alert indicating the ESM service is not starting on the ESM Server. When the administrator tries to start the service manually, the administrator receives an error:
“The Endpoint Security Manager service on Local Computer started and then stopped.”
What is the cause of the failure?

A.    The Account assigned to the service does not have “Log on as a batch job” permissions on the machine.
B.    The Account assigned to the service does not have “Log on as a service” permissions on the machine.
C.    The Account assigned to the service is not the Local Administrator on the machine.
D.    The Account assigned to the service is not an Active Directory Domain user.

Answer: B


Download the newest PassLeader PSE-Endpoint – Professional dumps from passleader.com now! 100% Pass Guarantee!

PSE-Endpoint – Professional PDF dumps & PSE-Endpoint – Professional VCE dumps: https://www.passleader.com/pse-endpoint.html (50 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!)

P.S. New PSE-Endpoint – Professional dumps PDF: https://drive.google.com/open?id=17Ss-ZFHiBqSZZf9iClCnjHKFkp3VuMB6

P.S. New PSE-Platform – Professional dumps PDF: https://drive.google.com/open?id=1rS9soZUvQXWQlPr_0nzTnkcuKvPPmnZG