ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 553 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 553
Topic #: 1
[All PCNSE Questions]

Why would a traffic log list an application as "not-applicable"?

  • A. There was not enough application data after the TCP connection was established.
  • B. The TCP connection terminated without identifying any application data.
  • C. The firewall denied the traffic before the application match could be performed.
  • D. The application is not a known Palo Alto Networks App-ID.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by anholy at Sept. 4, 2023, 12:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Marshpillowz
11 months, 3 weeks ago
Selected Answer: C
C is correct
upvoted 2 times
...
Andromeda1800
1 year, 1 month ago
Selected Answer: C
C correct
upvoted 2 times
...
Andromeda1800
1 year, 1 month ago
Selected Answer: C
C is correct
upvoted 2 times
...
jsmitty11
1 year, 3 months ago
Selected Answer: C
C is correct
upvoted 2 times
...
karositey2k
1 year, 4 months ago
i agree with "C"
upvoted 2 times
...
karositey2k
1 year, 4 months ago
"Not-applicable" means that the Palo Alto Firewall has received data that will be discarded because the port or service that the traffic is coming in on was not allowed. Or there is no policy allowing that port or service.
upvoted 3 times
...
certprep2021
1 year, 4 months ago
Selected Answer: C
" If traffic hits a security rule that's set to "deny," based on any parameter before the application, the traffic log shows the application as not-applicable. This occurs because the traffic was dropped or denied before the application match could be performed." https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC#:~:text=If%20traffic%20hits%20a%20security,application%20match%20could%20be%20performed.&text=Traffic%20Log%20for%20this%20deny%20logs.
upvoted 2 times
...
agu77
1 year, 4 months ago
Selected Answer: B
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-auto-tagging-to-automate-security-actions
upvoted 1 times
Jared28
10 months, 3 weeks ago
C is *more* correct as not-applicable applies to both *UDP* and TCP.
upvoted 1 times
...
...
anholy
1 year, 4 months ago
C is correct https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel