ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 583 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 583
Topic #: 1
[All PCNSE Questions]

A firewall engineer is configuring quality of service (QoS) policy for the IP address of a specific server in an effort to limit the bandwidth consumed by frequent downloads of large files from the internet.

Which combination of pre-NAT and/or post-NAT information should be used in the QoS rule?

  • A. Pre-NAT source IP address -
    Pre-NAT source zone
  • B. Post-NAT source IP address -
    Pre-NAT source zone
  • C. Pre-NAT source IP address -
    Post-NAT source zone
  • D. Post-NAT source IP address -
    Post-NAT source zone
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by b53fdf1 at March 28, 2024, 12:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
b53fdf1
Highly Voted 1 year, 3 months ago
Selected Answer: A
If you want to apply QoS treatment to traffic based on source, you must specify the pre-NAT source address (such as pre-NAT source IP, pre-NAT source zone, pre-NAT destination IP, and post-NAT destination zone) in a QoS policy rule. https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/quality-of-service/configure-qos
upvoted 7 times
...
thelittleyellowbirdie
Most Recent 10 months, 2 weeks ago
this question was in my exam 09/08/2024
upvoted 1 times
...
nebulanerd
1 year ago
B + C are wrong because mentions "Post-NAT source IP address" B + D are wrong because they mention "Post-NAT source zone" So, A! "Do not configure the QoS policy with the post-NAT source address if you want to apply QoS treatment for the source traffic." "Because QoS is enforced on traffic as it egresses the firewall, your QoS policy rule is applied to traffic after the firewall has enforced all other security policy rules, including Network Address Translation (NAT) rules. If you want to apply QoS treatment to traffic based on source, you must specify the pre-NAT source address (such as pre-NAT source IP, pre-NAT source zone, pre-NAT destination IP, and post-NAT destination zone) in a QoS policy rule." https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/quality-of-service/configure-qos https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/quality-of-service/configure-qos
upvoted 1 times
...
betko
1 year ago
This question was on exam in June 24.
upvoted 2 times
...
hcir
1 year, 1 month ago
all policies except NAT policies use the post-nat destination zone to evaluate. This is because the NAT policy is the first one to be evaluated, and should there be destination nat, the destination zone should be used.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel