ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 352 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 352
Topic #: 1
[All PCNSE Questions]

A firewall administrator wants to avoid overflowing the company syslog server with traffic logs.
What should the administrator do to prevent the forwarding of DNS traffic logs to syslog?

  • A. Disable logging on security rules allowing DNS.
  • B. Go to the Log Forwarding profile used to forward traffic logs to syslog. Then, under traffic logs match list, create a new filter with application not equal to DNS.
  • C. Go to the Log Forwarding profile used to forward traffic logs to syslog. Then, under traffic logs match list, create a new filter with application equal to DNS.
  • D. Create a security rule to deny DNS traffic with the syslog server in the destination.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by millosz222 at Sept. 14, 2022, 7:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
millosz222
Highly Voted 2 years, 1 month ago
Selected Answer: B
sloud be B
upvoted 12 times
...
JRKhan
Most Recent 9 months, 3 weeks ago
Selected Answer: B
B is correct. Filter should include "not equal
upvoted 1 times
...
Metgatz
10 months, 2 weeks ago
B - Prevent the forwarding of DNS
upvoted 1 times
...
playthegamewithme
1 year, 4 months ago
B is correct, as I have tested it in my Lab, when I was using the eq to DNS filter I could still see that DNS traffic logs were forwarded but when using not equal to DNS the DNS-related traffic was non existed to be forwarded
upvoted 2 times
...
[Removed]
1 year, 6 months ago
Im ok with B, but why not A? If i have a policy rule for DNS traffic, I just have to put log forwarding option as "none" to avoid sending that logs right?
upvoted 3 times
sujss
1 year, 6 months ago
Could be because those rule might be allowing some other Apps, and you would lose the logs for them as well.
upvoted 3 times
...
...
awtsuritacuna
1 year, 11 months ago
Option B Create a new log forwarding profile which forwards logs only to Syslog device. Create a specific security policy for DNS traffic https://live.paloaltonetworks.com/t5/general-topics/how-to-stop-dns-traffic-logs-going-to-log-collector/td-p/290425
upvoted 1 times
...
confusion
1 year, 11 months ago
Selected Answer: B
NOT equal to DNS
upvoted 1 times
...
guilhermeandrade
2 years ago
Selected Answer: B
B is correct.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago