ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 458 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 458
Topic #: 1
[All PCNSE Questions]

Which two policy components are required to block traffic in real time using a dynamic user group (DUG)? (Choose two.)

  • A. A Decryption policy to decrypt the traffic and see the tag
  • B. A Deny policy with the “tag” App-ID to block the tagged traffic
  • C. An Allow policy for the initial traffic
  • D. A Deny policy for the tagged traffic
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by ob8n at Dec. 21, 2022, 7:03 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ob8n
Highly Voted 1 year, 10 months ago
Selected Answer: CD
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamic-user-groups Use the dynamic user group in a policy to regulate traffic for the members of the group. You will need to configure at least two rules: one to allow initial traffic to populate the dynamic user group and one to deny traffic for the activity you want to prevent (in this case, questionable-activity). To tag users, the rule to allow traffic must have a higher rule number in your rulebase than the rule that denies traffic.
upvoted 8 times
...
Marshpillowz
Most Recent 9 months ago
Selected Answer: CD
C and D correct
upvoted 1 times
...
brian7857ffs45
11 months, 1 week ago
This question was on the exam.. Nov 2023
upvoted 4 times
...
Gabuu
1 year, 8 months ago
C and D
upvoted 1 times
...
djedeen
1 year, 10 months ago
Selected Answer: CD
Per the links already posted here.
upvoted 1 times
...
dogeatdog
1 year, 10 months ago
Selected Answer: CD
Step 5. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/policy/use-dynamic-user-groups-in-policy
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago