Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Palo-Alto-Networks Discussions

Exam PCNSA topic 1 question 15 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 15
Topic #: 1
[All PCNSA Questions]

Choose the option that correctly completes this statement. A Security Profile can block or allow traffic ____________.

  • A. on either the data place or the management plane.
  • B. after it is matched by a security policy rule that allows traffic.
  • C. before it is matched to a Security policy rule.
  • D. after it is matched by a security policy rule that allows or blocks traffic.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-policy.html
by roman_cat at Dec. 12, 2020, 4:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Angel123
Highly Voted 3 years ago
'B' is correct answer according PCNSA Study Guide 2020, p.131 After a packet has been allowed by the Security policy, Security Profiles are used to scan packets for threats, vulnerabilities, viruses, spyware, malicious URLs, data exfiltration, and exploitation software.
upvoted 21 times
...
nabilzay
Highly Voted 3 years, 4 months ago
B is the correct answer, the security policy has to allow the traffic for the security profile to take action
upvoted 15 times
...
Snookerloopy
Most Recent 2 months, 3 weeks ago
Selected Answer: B
you dont put security profiles on a security policy that denies traffic
upvoted 1 times
...
Rivand
7 months ago
Selected Answer: B
t's B. D is wrong, the Profile can only take actions if the traffic is allowed by the security policy rule.
upvoted 1 times
...
claudio392
8 months, 2 weeks ago
Of course B
upvoted 1 times
...
Aaronyukin
8 months, 3 weeks ago
"B" is the Correct, as it is shown in the PCNSE exam questions.
upvoted 1 times
...
vigoras
11 months, 4 weeks ago
Selected Answer: B
B is correct answer.
upvoted 2 times
...
all_nicknames_are_taken
1 year, 1 month ago
B: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/security-profiles
upvoted 1 times
...
Najmmm
1 year, 2 months ago
Security policy rules allow or block traffic in network, while security profiles scans the applications for threats, such as viruses, malware, spyware, and DDOS attacks. So the answer B is correct as the traffic will need to be allowed first for security profiles scans
upvoted 1 times
Najmmm
1 year, 2 months ago
While security policy rules enable you to allow or block traffic on your network, security profiles help you define an allow but scan rule, which scans allowed applications for threats, such as viruses, malware, spyware, and DDOS attacks
upvoted 1 times
...
...
argyris23
1 year, 3 months ago
Selected Answer: C
Definitely C!, if the security rule blocks the traffic it will never make it to the security profiles
upvoted 1 times
...
daytonadave2011
1 year, 3 months ago
Selected Answer: B
B is correct. Remember the Security Policy at the end of the Policy must be set to Allow, then you can add additional policies to check prior to allowing the traffic.
upvoted 1 times
...
DDisGR8
1 year, 8 months ago
Selected Answer: B
B is the correct answer
upvoted 1 times
...
seb_berlin
1 year, 9 months ago
Selected Answer: B
Of course is B the right answer. Took the PAN-EDU-210 a few weeks ago the course material says so as well as -> https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/policy/security-profiles While security policy rules enable you to allow or block traffic on your network, security profiles help you define an allow but scan rule, which scans allowed applications for threats, such as viruses, malware, spyware, and DDOS attacks. When traffic matches the allow rule defined in the security policy, the security profile(s) that are attached to the rule are applied for further content inspection rules such as antivirus checks and data filtering.
upvoted 1 times
...
scanossa
1 year, 10 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
Gerza27
1 year, 11 months ago
B is correct answer! Of course!
upvoted 2 times
...
kewokil120
1 year, 11 months ago
Selected Answer: B
B. Why would you put denied traffic through an IPS.
upvoted 1 times
...
jjb1989
1 year, 11 months ago
I feel like this is a trick question. The statement says "A Security profile can BLOCK OR ALLOW traffic ......", so why if B only says allow would it be correct over D which says allows or blocks?
upvoted 1 times
Letrange
1 year, 11 months ago
Security profiles are applied to allowed traffic by the security policy rule. It has no sense to apply a security profile on a policy rule that denies traffic.
upvoted 1 times
...
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel