Exam PCNSE topic 1 question 8 discussion

In option A , panorama IP is incorrect

It can be A (most likely) or B (Second best). There is no remote chance of D being the answer

The key here is that it says ONLY TRAFFIC LOGS, so B is the only answer that works for only traffic log issues Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the NGFW to Panorama

For sure its B

Question has changed, what I got in my exam was only the screenshots, without the initial network topology and the question was asking "what are the most probable configuration errror if only logs do not arrive on Panorama". So option B now is clearly the right answer.

in the question, it specifically states can not see logs. Which implies that Panorama is still able to manage devices, just doesn’t get logs. if Panorama is able to manage, IP address is correct, and image IP can be ignored. Which would move the answer to B P.S. PA tests writers dont usually trick you such with incorrect IP, its not Cisco ;) Just my 2 cents on the matter

A - The Panorama address is wrong. Nothing will get to Panorama. The syslog screen shot is not relavent because they say no traffic logs on Panorama. And the screen shot showing no "Log Forwarding" profile is for a single Sec Policy. Every policy needs log forwarding to show up in Panorama. Only valid if a firewall has only 1 rule. And the last screen shot seems like some random Panorama config screen.

Answer: A First of all you need to connect the Firewall to Panorama. Once that is done you configure your templates and device groups via Panorama and push that to the firewall. That includes policy and log forwarding. If you had misconfiguration on the firewall regarding logs that would be mitigated via Panorama push. https://docs.paloaltonetworks.com/panorama/9-0/panorama-admin/manage-log-collection/configure-log-forwarding-to-panorama.html

Correct Answer: B

A is the correct the up of panorama is wrong

B is the answer

agree with the rest, B as no log forwarding not configured. D's configuration reside in Panorama. The question specifically said the config issue is on FW side.

Log forwarding is not enabled. B is the correct answer.

I guess that right answer is B if you have bad Panorama IP will not interfere with log-collection, if log collector ip is bad will no send logs to the collector, but if rule has been set to no log null.. no log will be generated so B is the right answer

Pretty sure its B, no log forwarding set. The IPs are wrong for both syslog and panorama, guessing that was oversight in the question writer.

The Answer is B, Log forwarding is set to null with no log wording profile set. No logs will be forwarded

Seems like the answer is B