ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 189 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 189
Topic #: 1
[All PCNSA Questions]

Which statement best describes a common use of Policy Optimizer?

  • A. Policy Optimizer can be used on a schedule to automatically create a disabled Layer 7 App ID Security policy for every Layer 4 policy that exist. Admins can then manually enable policies they want to keep and delete ones they want to remove.
  • B. Policy Optimizer can display which Security policies have not been used in the last 90 days.
  • C. Policy Optimizer on aVM-50 firewall can display which Layer 7 App-ID Security policies have unused applications.
  • D. Policy Optimizer can add or change a Log Forwarding profile for each Security policy selected.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Hyay at Sept. 20, 2022, 12:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Hyay
Highly Voted 2 years, 7 months ago
Selected Answer: B
Not correct to me. Seems to be B. Documentation says it does not change profiles. https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-cloud-managed-admin/create-prisma-access-policy/policy-optimizer
upvoted 7 times
...
dc6a988
Most Recent 10 months, 1 week ago
Selected Answer: D
B and D are correct
upvoted 1 times
...
Aredus
1 year, 1 month ago
D is correct, though the working in the question is the most common usage of policy optimizer. I guess it depends on that as B may also be the answer.
upvoted 1 times
...
Reliic
1 year, 5 months ago
Selected Answer: B
Identification of Overly Permissive Rules: The Policy Optimizer categorizes rules as overly permissive if they are allowing any application traffic and are at least 90 days old. This categorization is important because such rules can introduce security gaps by allowing unnecessary traffic
upvoted 1 times
...
Calica
1 year, 6 months ago
For me B
upvoted 1 times
...
dawlims
1 year, 8 months ago
Selected Answer: A
I agree with innuendo2's explanation
upvoted 1 times
...
Skey
1 year, 10 months ago
Selected Answer: A
The key word for me is « common » both A and B are option for policy optimizer but i’ll go for A as a common use of this solution
upvoted 1 times
...
innuendo2
1 year, 10 months ago
for me is A Policy Optimizer identifies port-based rules so you can convert them to application-based allow rules or add applications from a port-based rule to an existing application-based rule without compromising application availability. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/app-id/security-policy-rule-optimization
upvoted 3 times
...
TheMaster01
2 years, 7 months ago
Selected Answer: B
B is correct
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago