Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Palo-Alto-Networks Discussions

Exam PCNSA topic 1 question 194 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 194
Topic #: 1
[All PCNSA Questions]

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone.
The administrator does not want to allow traffic between the DMZ and LAN zones.
Which Security policy rule type should they use?

  • A. interzone
  • B. intrazone
  • C. default
  • D. universal
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by mushi4ka at Sept. 24, 2022, 8:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
AriGold
3 months, 1 week ago
The minute you took away any traffic, it was no longer UNIVERSAL. "Does not want to match traffic where the source and destination zones are LAN or DMZ" It was no longer INTRAZONE. That only left INTERZONE.
upvoted 1 times
...
CarlosDV06
1 year, 1 month ago
I've the evaluation tomorrow and read this example question. The answer is B, the question asks for the rule TYPE and we have three: Intrazone (within a zone), interzone (between zones) and universal (within and between zones).
upvoted 1 times
...
[Removed]
1 year, 1 month ago
Selected Answer: B
Most of the question is fluff. Main key takeaways are: 1) Allow DNS traffic within LAN-ZONE 2) Allow DNS traffic within DMZ-ZONE 3) Deny DNS traffic between LAN-ZONE, DMZ-ZONE What Security Rule type is required? - Universal allows traffic between the zones and within the zones. - Interzone does NOT allow traffic within a zone, and permits traffic between the two zones - Default isn't a valid option as you have to point out WHICH default policy, is it the intra or the inter? - Universal allows traffic between the zones and within the zones. Intrazone allows traffic within the zones, you can NOT configure a destination zone. So the correct answer is B
upvoted 2 times
...
baccalacca
1 year, 1 month ago
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClTHCA0
upvoted 1 times
...
baccalacca
1 year, 1 month ago
A security policy allowing traffic between the same zone, this applies the rule to all matching traffic within the specified source zones (cannot specify a destination zone for intrazone rules). For example, if setting the source zone to A and B, the rule would apply to all traffic within zone A and all traffic within zone B, but not to traffic between zones A and B.
upvoted 1 times
...
blahblah1234567890000
1 year, 3 months ago
Selected Answer: B
Its b since its not going between zones.
upvoted 1 times
...
lorentinooo
1 year, 4 months ago
Selected Answer: A
It says that DNS traffic is allowed in LAN and DMZ zone. That traffic could come from outside zone, such as internet but it is not allowed between LAN and DMZ. According to this, I'd say is A because you only need to match Interzone areas.
upvoted 1 times
...
michelbragaguimaraes
1 year, 4 months ago
Selected Answer: C
Default
upvoted 1 times
...
ReallyMatters
1 year, 4 months ago
Why not C. Pls read carefully
upvoted 2 times
[Removed]
1 year, 1 month ago
default what? interzone-default or intrazone-default... Most of the question is fluff. Main key takeaways are: Allow DNS traffic within LAN-ZONE Allow DNS traffic within DMZ-ZONE Deny DNS traffic between LAN-ZONE, DMZ-ZONE What Security Rule type is required? Interzone does NOT allow traffic within a zone, and permits traffic between the two zones Default isn't a valid option as you have to point out WHICH default policy, is it the intra or the inter? Universal allows traffic between the zones and within the zones. Intrazone allows traffic within the zones, you can NOT configure a destination zone. So the correct answer is B
upvoted 1 times
...
...
TheMaster01
1 year, 7 months ago
Selected Answer: B
Intrazone: A security policy allowing traffic between the same zone, this applies the rule to all matching traffic within the specified source zones (cannot specify a destination zone for intrazone rules). For example, if setting the source zone to A and B, the rule would apply to all traffic within zone A and all traffic within zone B, but not to traffic between zones A and B.
upvoted 4 times
...
mushi4ka
1 year, 7 months ago
Selected Answer: B
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClomCAC
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel