ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 77 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 77
Topic #: 1
[All PCNSE Questions]

An administrator has a requirement to export decrypted traffic from the Palo Alto Networks NGFW to a third-party, deep-level packet inspection appliance.
Which interface type and license feature are necessary to meet the requirement?

  • A. Decryption Mirror interface with the Threat Analysis license
  • B. Virtual Wire interface with the Decryption Port Export license
  • C. Tap interface with the Decryption Port Mirror license
  • D. Decryption Mirror interface with the associated Decryption Port Mirror license
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by benfero at June 9, 2020, 5:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ChiaPet75
Highly Voted 4 years, 4 months ago
Correct: D ecryption port mirroring allows you to copy decrypted traffic from a firewall and then send it to a traffic collection tool, such as NetWitness or Solera. Decryption mirroring requires a Decryption Port Mirror license. This license is free of change and you can activate it through the customer support portal. https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-new-features/decryption-features/decryption_mirroring_support_extension#:~:text=Decryption%20port%20mirroring%20allows%20you,through%20the%20customer%20support%20portal.
upvoted 16 times
...
Marshpillowz
Most Recent 9 months, 2 weeks ago
Selected Answer: D
D is correct
upvoted 2 times
...
Pochex
1 year, 8 months ago
D is correct - This feature enables creating a copy of decrypted traffic from a firewall and sending it to a traffic collection tool. To enable the feature, you must acquire and install the free license. Please refer to https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/network/network-interfaces/decrypt-mirror-interface
upvoted 2 times
...
TAKUM1y
2 years, 1 month ago
Selected Answer: D
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/decryption/configure-decryption-port-mirroring
upvoted 3 times
...
NNgiggs
2 years, 9 months ago
D is correct, Note the decryption mirror interface only appear as an interface type when you install Decryption port mirror license. see step 4 of the configuration guide in the link below https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/decryption/configure-decryption-port-mirroring
upvoted 3 times
...
benfero
4 years, 4 months ago
D is right.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago