Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Palo-Alto-Networks Discussions

Exam PCNSE topic 1 question 20 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 20
Topic #: 1
[All PCNSE Questions]

A user's traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user's traffic matches when it goes to http://www.company.com.
How can the firewall be configured automatically disable the PBF rule if the next hop goes down?

  • A. Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  • B. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
  • C. Enable and configure a Link Monitoring Profile for the external interface of the firewall.
  • D. Configure path monitoring for the next hop gateway on the default route in the virtual router.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Reference:
https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-web-interface-help/network/network-network-profiles-monitor#
by tester12 at Sept. 9, 2019, 9:44 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
UFanat
Highly Voted 1 year, 9 months ago
Selected Answer: B
B is a correct one: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network-network-profiles/network-network-profiles-monitor A monitor profile is used to monitor IPSec tunnels and to monitor a next-hop device for policy-based forwarding (PBF) rules. In both cases, the monitor profile is used to specify an action to take when a resource (IPSec tunnel or next-hop device) becomes unavailable. wait-recover—Wait for the tunnel to recover; do not take additional action. Packets will continue to be sent according to the PBF rule. fail-over—Traffic will fail over to a backup path, if one is available. The firewall uses routing table lookup to determine routing for the duration of this session.
upvoted 8 times
...
Marshpillowz
Most Recent 2 months, 3 weeks ago
Selected Answer: B
Answer is B.
upvoted 1 times
...
TAKUM1y
1 year, 6 months ago
Selected Answer: B
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network-network-profiles/network-network-profiles-monitor
upvoted 1 times
...
kerberos
2 years, 8 months ago
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/policy-based-forwarding/pbf/path-monitoring-for-pbf.html
upvoted 2 times
...
kerberos
2 years, 8 months ago
BEHAVIOR OF A SESSION ON A MONITORING FAILURE IF THE RULE STAYS ENABLED WHEN THE MONITORED IP ADDRESS IS UNREACHABLE IF RULE IS DISABLED WHEN THE MONITORED IP ADDRESS IS UNREACHABLE For an established session wait-recover—Continue to use egress interface specified in the PBF rule wait-recover—Continue to use egress interface specified in the PBF rule fail-over—Use path determined by routing table (no PBF) fail-over—Use path determined by routing table (no PBF) For a new session wait-recover—Use path determined by routing table (no PBF) wait-recover—Check the remaining PBF rules. If no match, use the routing table fail-over—Use path determined by routing table (no PBF) fail-over—Check the remaining PBF rules. If no match, use the routing table
upvoted 1 times
...
SMahaldar
2 years, 8 months ago
B is right
upvoted 4 times
...
rocioha
3 years, 1 month ago
B looks correct
upvoted 2 times
...
ping_rto
3 years, 3 months ago
B looks legit
upvoted 1 times
...
UmaShankar
3 years, 5 months ago
Answer is B
upvoted 1 times
...
nk12
3 years, 8 months ago
Correct Answer: B
upvoted 1 times
...
nickylake
3 years, 8 months ago
Monitor profile is used to specify an action to take when a resource (IPSec tunnel or next-hop device) becomes unavailable . Answer is B
upvoted 2 times
...
Ahmad_Zahran
4 years ago
B is correct.
upvoted 1 times
...
asmaam
4 years ago
correct answer is B
upvoted 1 times
...
shiiitboi
4 years, 2 months ago
B is correct.
upvoted 1 times
...
Sammy3637
4 years, 3 months ago
B is correct https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFiCAK
upvoted 2 times
...
tester12
4 years, 7 months ago
Seems like the anwser is B https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-web-interface-help/network/network-network-profiles-monitor#
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel