'B' is correct answer according PCNSA Study Guide 2020, p.131
After a packet has been allowed by the Security policy, Security Profiles are used to scan packets for threats, vulnerabilities, viruses, spyware, malicious URLs, data exfiltration, and exploitation software.
Security Profiles are not used in the match criteria of a traffic flow. The Security Profile is applied to scan traffic after the application or category is allowed by the Security policy rule.
I believe that is a 'B' is correct, and "D" not is the correct.
https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/security-profiles
"Security Profiles are not used in the match criteria of a traffic flow. The Security Profile is applied to scan traffic after the application or category is allowed by the Security policy rule."
Security policy rules allow or block traffic in network, while security profiles scans the applications for threats, such as viruses, malware, spyware, and DDOS attacks. So the answer B is correct as the traffic will need to be allowed first for security profiles scans
While security policy rules enable you to allow or block traffic on your network, security profiles help you define an allow but scan rule, which scans allowed applications for threats, such as viruses, malware, spyware, and DDOS attacks
B is correct. Remember the Security Policy at the end of the Policy must be set to Allow, then you can add additional policies to check prior to allowing the traffic.
Of course is B the right answer.
Took the PAN-EDU-210 a few weeks ago the course material says so as well as ->
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/policy/security-profiles
While security policy rules enable you to allow or block traffic on your network, security profiles help you define an allow but scan rule, which scans allowed applications for threats, such as viruses, malware, spyware, and DDOS attacks. When traffic matches the allow rule defined in the security policy, the security profile(s) that are attached to the rule are applied for further content inspection rules such as antivirus checks and data filtering.
This section is not available anymore. Please use the main Exam Page.PCNSA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Angel123
Highly Voted 4 years agonabilzay
Highly Voted 4 years, 4 months ago[Removed]
Most Recent 1 week, 4 days agodragossky
8 months agovinicius27
11 months agoSnookerloopy
1 year, 3 months agoRivand
1 year, 7 months agoclaudio392
1 year, 8 months agoAaronyukin
1 year, 8 months ago[Removed]
1 year, 12 months agoall_nicknames_are_taken
2 years, 1 month agoNajmmm
2 years, 2 months agoNajmmm
2 years, 2 months agoargyris23
2 years, 3 months agodaytonadave2011
2 years, 4 months agoDDisGR8
2 years, 8 months agoseb_berlin
2 years, 9 months agoscanossa
2 years, 10 months ago