ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 72 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 72
Topic #: 1
[All PCNSE Questions]

An administrator sees several inbound sessions identified as unknown-tcp in the Traffic logs. The administrator determines that these sessions are form external users accessing the company's proprietary accounting application. The administrator wants to reliably identify this traffic as their accounting application and to scan this traffic for threats.
Which option would achieve this result?

  • A. Create a custom App-ID and enable scanning on the advanced tab.
  • B. Create an Application Override policy.
  • C. Create a custom App-ID and use the ג€ordered conditionsג€ check box.
  • D. Create an Application Override policy and a custom threat signature for the application.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by MS_NW at July 9, 2020, 7:26 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
trashboat
Highly Voted 3 years, 9 months ago
A is the correct answer: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/app-id/manage-custom-or-unknown-applications.html
upvoted 6 times
...
Marshpillowz
Most Recent 1 year ago
Selected Answer: A
A is correct
upvoted 1 times
...
sov4
1 year, 5 months ago
Selected Answer: A
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRoCAK
upvoted 1 times
...
drpcc
1 year, 6 months ago
Selected Answer: D
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/app-id/manage-custom-or-unknown-applications.html "create a custom application and define an application override policy"
upvoted 1 times
ALCOSTA35
5 months, 2 weeks ago
The override policy stops at layer 4 and does not allow scanning
upvoted 1 times
...
Xuzi
1 year, 2 months ago
D option is not saying "custom" but - Create an Application Override policy. Create a Custom Application with a signature and attach it to a security policy, or create a custom application and define an application override policy https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/app-id/manage-custom-or-unknown-applications
upvoted 1 times
...
...
Sarbi
2 years, 1 month ago
It is B. Once you enable application override it will not go beyound layer 4.
upvoted 2 times
sujss
1 year, 9 months ago
Then how would this be accomplished ? "and to scan this traffic for threats."
upvoted 1 times
...
javim
2 years ago
I agree
upvoted 1 times
...
...
UFanat
2 years, 7 months ago
Selected Answer: A
Application Override policy disables scan for threats
upvoted 2 times
Gngogh
2 years, 2 months ago
it depends if you choose a parent app or not
upvoted 2 times
...
...
datz
2 years, 8 months ago
Selected Answer: A
Correct a https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRoCAK
upvoted 1 times
...
hpbdcb
4 years, 2 months ago
absolutely A. take note of "reliably identify" here - which excludes B.
upvoted 4 times
ameeeeen
4 years ago
True, it's also said ' to scan this traffic for threats' which exludes B too
upvoted 2 times
...
...
MS_NW
4 years, 6 months ago
Looks like A https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRoCAK
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel