Palo Alto Networks Exam PSE-SoftwareFirewall Topic 1 Question 19 Discussion

Actual exam question for Palo Alto Networks's PSE-SoftwareFirewall exam

Question #: 19
Topic #: 1

[All PSE-SoftwareFirewall Questions]

How does a CN-Series firewall prevent exfiltration?

AIt distributes incoming virtual private cloud (VPC) traffic across the pool of VM-Series firewalls.

BIt inspects outbound traffic content and blocks suspicious activity.

CIt provides a license deactivation API key.

DIt employs custom-built signatures based on hash.

Show Suggested Answer

Suggested Answer: B

Creating a New Virtual Switch:

By creating a new virtual switch, you can segment the network within the ESXi environment. The VM-Series firewall can then be used to provide security controls between these virtual switches using virtual wire mode.

Palo Alto Networks VM-Series Deployment Guide

Moving Guests to New Virtual Switch:

Guests requiring additional security are moved to the new virtual switch, allowing the VM-Series firewall to inspect and control traffic between the switches. This setup does not necessitate changes to the existing IP addresses or default gateways of the VMs.

Palo Alto Networks VM-Series Virtual Wire Mode

by Stevie at Jan 22, 2025, 08:56 AM

Limited Time Offer

25%

Off

Get Premium PSE-SoftwareFirewall Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Bettina

7 hours ago

B) Inspecting outbound traffic content and blocking suspicious activity seems like the best way to prevent data exfiltration. Seems pretty straightforward to me.

upvoted 0 times

...

Cristen

3 days ago

I think a CN-Series firewall prevents exfiltration by inspecting outbound traffic content.

upvoted 0 times

...