Exam PCNSA topic 1 question 194 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 194
Topic #: 1

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone.
The administrator does not want to allow traffic between the DMZ and LAN zones.
Which Security policy rule type should they use?

  • A. interzone
  • B. intrazone
  • C. default
  • D. universal
Suggested Answer: B

Comments

AriGold
1 year ago
The minute you took away any traffic, it was no longer UNIVERSAL. "Does not want to match traffic where the source and destination zones are LAN or DMZ" It was no longer INTRAZONE. That only left INTERZONE.
upvoted 2 times
ploiesti
6 months, 2 weeks ago
It's B. Intrazone.
upvoted 1 times
...
CarlosDV06
1 year, 10 months ago
I've the evaluation tomorrow and read this example question. The answer is B, the question asks for the rule TYPE and we have three: Intrazone (within a zone), interzone (between zones) and universal (within and between zones).
upvoted 1 times
...
baccalacca
1 year, 10 months ago
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClTHCA0
upvoted 1 times
...
baccalacca
1 year, 10 months ago
A security policy allowing traffic between the same zone, this applies the rule to all matching traffic within the specified source zones (cannot specify a destination zone for intrazone rules). For example, if setting the source zone to A and B, the rule would apply to all traffic within zone A and all traffic within zone B, but not to traffic between zones A and B.
upvoted 1 times
...
Selected Answer: B
It's B since it's not going between zones.
upvoted 1 times
...
lorentinooo
2 years, 1 month ago
Selected Answer: A
It says that DNS traffic is allowed in LAN and DMZ zone. That traffic could come from outside zone, such as internet, but it is not allowed between LAN and DMZ. According to this, I'd say it is A because you only need to match Interzone areas.
upvoted 1 times
...
michelbragaguimaraes
2 years, 1 month ago
Selected Answer: C
Default
upvoted 1 times
...
ReallyMatters
2 years, 1 month ago
Why not C. Pls read carefully
upvoted 2 times
...
TheMaster01
2 years, 4 months ago
Selected Answer: B
Intrazone: A security policy allowing traffic between the same zone, this applies the rule to all matching traffic within the specified source zones (cannot specify a destination zone for intrazone rules). For example, if setting the source zone to A and B, the rule would apply to all traffic within zone A and all traffic within zone B, but not to traffic between zones A and B.
upvoted 4 times
...
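The zone-matching behaviour of the three rule types described in the comment above, as an added example that is not part of any poster's comment or of Palo Alto Networks' own code. It is a simplified model of the zone criteria only (addresses, applications and services are ignored); the function names and the WAN zone are hypothetical, while LAN and DMZ come from the question.

```python
# Simplified model of how a Security policy rule's type decides which
# (source zone, destination zone) pairs it can match. Illustrative only.

RULE_TYPES = ("universal", "intrazone", "interzone")


def zone_match(rule_type, src_zones, dst_zones, from_zone, to_zone):
    """Return True if a flow from_zone -> to_zone meets the rule's zone criteria."""
    if rule_type not in RULE_TYPES:
        raise ValueError(f"unknown rule type: {rule_type}")
    if from_zone not in src_zones:
        return False
    if rule_type == "intrazone":
        # No destination zone can be specified: the flow must stay
        # inside the source zone it started in.
        return to_zone == from_zone
    if to_zone not in dst_zones:
        return False
    if rule_type == "interzone":
        # Only traffic that crosses from one zone into a different one.
        return from_zone != to_zone
    # universal: every listed source zone to every listed destination zone,
    # both within a zone and between zones.
    return True


def matched_flows(rule_type, src_zones, dst_zones, zones):
    """List every zone pair (from, to) in `zones` that the rule would match."""
    return sorted(
        (f, t)
        for f in zones
        for t in zones
        if zone_match(rule_type, src_zones, dst_zones, f, t)
    )


# Constructed zone list: LAN and DMZ from the question, WAN as an extra zone.
ZONES = ["LAN", "DMZ", "WAN"]
BOTH = {"LAN", "DMZ"}

if __name__ == "__main__":
    for rtype in RULE_TYPES:
        dst = set() if rtype == "intrazone" else BOTH
        print(rtype, matched_flows(rtype, BOTH, dst, ZONES))
```

With LAN and DMZ as the zones on the rule, only the intrazone type covers LAN-to-LAN and DMZ-to-DMZ without also covering LAN-to-DMZ or DMZ-to-LAN.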
mushi4ka
2 years, 4 months ago
Selected Answer: B
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClomCAC
upvoted 3 times
...
Community vote distribution: A (35%), C (25%), B (20%), Other