Exam PCNSE topic 1 question 93 discussion

Correct A, C C is not apple-id, is app-id https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/app-id/manage-custom-or-unknown-applications#

The statement says "The firewall identifies a popular application as an unknown-tcp". It doesn't say traffic is being dropped. If it identifies it, that means a rule is already in place. It also says popular, and as per https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/manage-custom-or-unknown-applications#, "...If the packet capture reveals that the application is a commercial application, you can submit this packet capture to Palo Alto Networks for App-ID development...". Commercial equates to popular. I say AC

A and C correct.

A&C is correct: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clu2CAC

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/app-id/manage-custom-or-unknown-applications

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/app-id/manage-custom-or-unknown-applications Actually shows A,C,D as all viable options. Great... I think A & D actually provide solutions, versus waiting on Palo to build you something that you will need to wait for.

You can create a custom app: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/use-application-objects-in-policy/create-a-custom-application or submit a request to PAN https://www.paloaltonetworks.com/blog/submit-an-application/

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/app-id/manage-custom-or-unknown-applications#

Correct A, C

Correct A, C. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/manage-custom-or-unknown-applications Check that the article mentioned "Create security policies to control unknown application" No to Identify as the option D

A C correct

Go on the Reference link read the beginning and after the step 6, you need to create a custom app and then to create a security policy to allow the new app that you created... during time you will understand how it communicates, how access is done as is written in the tech docs... after that if you want you can submit this to Palo to create an app but 1st you need to do this so the answer is A and D .

A and C are correct

A , C C: since it is a popular (referred in the docs as "commercial") Application , ((Request an App-ID from Palo Alto Networks—If you would like to inspect and control the applications that traverse your network, for any unknown traffic, you can record a packet capture. If the packet capture reveals that the application is a commercial application, you can submit this packet capture to Palo Alto Networks for App-ID development. If it is an internal application, you can create a custom App-ID and/or define an application override policy.)) D: would be right if it an internal or Organization Application https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/manage-custom-or-unknown-applications

Correct A, D C "Create a custom application." unconditional.

A & D A: because thats the way to go to reliably identify a custom app PA says: "Create a Custom Application with a signature and attach it to a security policy" D: because you need to see traffic on the wire to create custom patterns matching that new application (otherwise it would be just blocked and you will not be able to create a custom app) PA says: "Create security policies to control unknown applications by unknown TCP, unknown UDP or by a combination of source zone, destination zone, and IP addresses. " So even though a security policy alone (D) will not help but together with A its the way how it works. ref: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/manage-custom-or-unknown-applications#

A and c are the answer we can create custom as well give request for app-id creation