ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 238 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 238
Topic #: 1
[All PCNSA Questions]

All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone.

Complete the empty field in the Security policy using an application object to permit only this type of access.


Source Zone: Internal -

Destination Zone: DMZ Zone -
Application: __________

Service: application-default -
Action: allow

  • A. Application = "any"
  • B. Application = "web-browsing"
  • C. Application = "ssl"
  • D. Application = "http"
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Oteslar at Dec. 12, 2022, 1:27 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Oteslar
Highly Voted 2 years, 7 months ago
Selected Answer: B
i think the answer is B, becauce http is not an application but service, the web-browsing cab be http/https.
upvoted 6 times
...
ARWANGSH
Highly Voted 2 years, 6 months ago
Selected Answer: B
http is not an app-id, web-browsing is: https://applipedia.paloaltonetworks.com/
upvoted 5 times
...
avadhoot72
Most Recent 10 months, 1 week ago
here, specifically, http access specified in question. so, web browsing is consisting of HTTP and HTTPS ports, so correct answer is application http
upvoted 1 times
...
Aredus
1 year, 4 months ago
B is correct as it uses tcp/80 in app-id.
upvoted 1 times
...
[Removed]
1 year, 8 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
[Removed]
2 years, 4 months ago
This was oddly worded and the whole question should not even count. The question is clearly specifying ONLY HTTP traffic, but the provided options do not match the asked criteria. HTTP is a server, and web-browsing is an APP-ID. However, "web-browsing" if left alone with default application service allows both http and https. More over, the answer doesn't make a correction in the Service option and leaves it as application-default. I agree that the answer, based on the requirements is B, but the question sucks.
upvoted 5 times
...
khaled_ellaboudy
2 years, 5 months ago
Selected Answer: B
Web browsing is a valid add id while http is not, http is a service and not an app
upvoted 3 times
khaled_ellaboudy
2 years, 5 months ago
APP id and not add id, sorry for the typo
upvoted 2 times
...
...
sjurka
2 years, 7 months ago
Selected Answer: B
http is a service. web-browsing should be selected
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel