Examice

Exam PSE-SASE All QuestionsBrowse all questions from this exam

Question 24

How can a network engineer export all flow logs and security actions to a security information and event management (SIEM) system?

Enable syslog on the Instant-On Network (ION) device.

Use a zone-based firewall to export directly through application program interface (API) to the SIEM.

Enable Simple Network Management Protocol (SNMP) on the Instant-On Network (ION) device.

Use the centralized flow data-export tool built into the controller.

Correct Answer: A

To export all flow logs and security actions to a security information and event management (SIEM) system, the network engineer should enable syslog on the Instant-On Network (ION) device. Syslog is a standard protocol used to send system log or event messages to a specific server, which in this case is the SIEM system. This allows centralized logging and monitoring of network activities, making it an effective method for exporting flow logs and security actions.

Discussion

yet_another_userOption: A

Regarding link from docu below, it should be Syslog. However, SNMP is supported too. https://docs.paloaltonetworks.com/prisma/prisma-sd-wan/prisma-sd-wan-admin/prisma-sd-wan-sites-and-devices/use-external-services-for-monitoring/syslog-server-support-in-prisma-sd-wan

confusionOption: A

Should be A, SNMP is also supported.