Valid PSE-Strata-Pro-24 Dumps shared by ExamDiscuss.com for Helping Passing PSE-Strata-Pro-24 Exam! ExamDiscuss.com now offer the newest PSE-Strata-Pro-24 exam dumps, the ExamDiscuss.com PSE-Strata-Pro-24 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PSE-Strata-Pro-24 dumps with Test Engine here:
A company plans to deploy identity for improved visibility and identity-based controls for least privilege access to applications and data. The company does not have an on-premises Active Directory (AD) deployment, and devices are connected and managed by using a combination of Entra ID and Jamf. Which two supported sources for identity are appropriate for this environment? (Choose two.)
Correct Answer: C,D
In this scenario, the company does not use on-premises Active Directory and manages devices with Entra ID and Jamf, which implies a cloud-native and modern management setup. Below is the evaluation of each option: * Option A: Captive portal * Captive portal is typically used in environments where identity mapping is needed for unmanaged devices or guest users. It provides a mechanism for users to authenticate themselves through a web interface. * However, in this case, the company is managing devices using Entra ID and Jamf, which means identity information can already be centralized through other means. Captive portal is not an ideal solution here. * This option is not appropriate. * Option B: User-ID agents configured for WMI client probing * WMI (Windows Management Instrumentation) client probing is a mechanism used to map IP addresses to usernames in a Windows environment. This approach is specific to on-premises Active Directory deployments and requires direct communication with Windows endpoints. * Since the company does not have an on-premises AD and is using Entra ID and Jamf, this method is not applicable. * This option is not appropriate. * Option C: GlobalProtect with an internal gateway deployment * GlobalProtect is Palo Alto Networks' VPN solution, which allows for secure remote access. It also supports identity-based mapping when deployed with internal gateways. * In this case, GlobalProtect with an internal gateway can serve as a mechanism to provide user and device visibility based on the managed devices connecting through the gateway. * This option is appropriate. * Option D: Cloud Identity Engine synchronized with Entra ID * The Cloud Identity Engine provides a cloud-based approach to synchronize identity information from identity providers like Entra ID (formerly Azure AD). * In a cloud-native environment with Entra ID and Jamf, the Cloud Identity Engine is a natural fit as it integrates seamlessly to provide identity visibility for applicationsand data. * This option is appropriate. References: * Palo Alto Networks documentation on Cloud Identity Engine * GlobalProtect configuration and use cases in Palo Alto Knowledge Base
