ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 210 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 210
Topic #: 1
[All PCNSA Questions]

The compliance officer requests that all evasive applications need to be blocked on all perimeter firewalls out to the internet. The firewall is configured with two zones:
1. trust for internal networks
2. untrust to the internet
Based on the capabilities of the Palo Alto Networks NGFW, what are two ways to configure a security policy using App-ID to comply with this request? (Choose two.)

  • A. Create a deny rule at the top of the policy from trust to untrust with service application-default and add an application filter with the evasive characteristic
  • B. Create a deny rule at the top of the policy from trust to untrust over any service and select evasive as the application
  • C. Create a deny rule at the top of the policy from trust to untrust with service application-default and select evasive as the application
  • D. Create a deny rule at the top of the policy from trust to untrust over any service and add an application filter with the evasive characteristic
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by nolox at March 16, 2023, 12:23 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
N1KH1L
7 months, 2 weeks ago
It's a bit tricky, but the answer becomes clear when you start eliminating the obvious. For example, there's no application called 'evasive' mentioned in options B and C. Therefore, the correct answer is A and D.
upvoted 3 times
...
hdrnzienlaoroljol
1 year ago
Selected Answer: AD
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-applications/applications-overview
upvoted 1 times
...
nolox
1 year, 2 months ago
Selected Answer: AD
Column Characteristics on the pic: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-applications/applications-overview
upvoted 1 times
...
nolox
1 year, 3 months ago
Selected Answer: AD
Seems correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel