Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks NetSec-Analyst Exam - Topic 2 Question 3 Discussion

Actual exam question for Palo Alto Networks's NetSec-Analyst exam
Question #: 3
Topic #: 2
[All NetSec-Analyst Questions]

All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone.

Complete the empty field in the Security policy using an application object to permit only this type of access.

Source Zone: Internal -

Destination Zone: DMZ Zone -

Application: __________

Service: application-default -

Action: allow

Show Suggested Answer Hide Answer
Suggested Answer: B

by Laticia at Nov 22, 2025, 04:27 AM

Limited Time Offer

25%

Off

Get Premium NetSec-Analyst Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Katie
3 days ago
"ssl" is not right, we need plain HTTP.
upvoted 0 times
...
Adell
9 days ago
"web-browsing" could work too, but not specific enough.
upvoted 0 times
...
Argelia
14 days ago
Surprised this is even a question, isn't it obvious?
upvoted 0 times
...
Mollie
19 days ago
Definitely "http", that's the standard for web access.
upvoted 0 times
...
Ollie
24 days ago
Wait, why not allow "ssl"? Isn't that safer?
upvoted 0 times
...
Gerald
29 days ago
I think it should be "http" for sure.
upvoted 0 times
...
Ty
2 months ago
D is the answer, no doubt about it. Anything else would be like trying to put a square tire on a round car.
upvoted 0 times
...
Susana
2 months ago
D is the way to go. Anything else would be like trying to fit a square peg in a round hole.
upvoted 0 times
...
Dottie
2 months ago
I'm going with D. Can't go wrong with the direct HTTP application object. Anything else would be like trying to use a sledgehammer to crack a nut.
upvoted 0 times
...
Carin
2 months ago
D definitely looks like the right answer. Allowing "any" application would be too broad, and "ssl" or "web-browsing" wouldn't be specific enough.
upvoted 0 times
...
Kimberely
2 months ago
Hmm, I think the answer is D. HTTP access is the only type of access allowed, so "http" should be the correct application object.
upvoted 0 times
...
Margart
2 months ago
"ssl" doesn't seem right here, since that's for HTTPS, which we don't want. I guess it's between "http" and "web-browsing."
upvoted 0 times
...
Dominga
3 months ago
I remember practicing a similar question, and I think "http" was the right choice for allowing web access specifically.
upvoted 0 times
...
Alayna
3 months ago
I'm not entirely sure, but "web-browsing" sounds like it could work too, since it usually involves HTTP traffic.
upvoted 0 times
...
Malcom
3 months ago
I think the application should be "http" since we only want to allow HTTP access.
upvoted 0 times
...
Margery
3 months ago
I think I've got a good strategy for this. The key is to focus on the specific requirements stated in the question - HTTP access from the internal zone to the DMZ zone. That points me towards option D, "http", as the best choice.
upvoted 0 times
...
Dexter
3 months ago
I'm a little confused by this question. Does "application-default" mean I should just leave that field blank? Or should I choose one of the other options? I'm not entirely sure how to approach this.
upvoted 0 times
...
Kenneth
3 months ago
Option D has to be the right answer. The question clearly states that the users need HTTP access, so "http" is the most direct and accurate application object to use.
upvoted 0 times
...
Eva
4 months ago
Agreed, only HTTP access makes sense.
upvoted 0 times
...
Barrett
4 months ago
This is tricky. I think it should be "http".
upvoted 0 times
...
Danica
4 months ago
"web-browsing" seems too broad, right?
upvoted 0 times
...
Carissa
5 months ago
Hmm, I'm a bit unsure about this one. I'm not sure if "web-browsing" is the right choice since the question specifically mentions HTTP access. Maybe option D, "http", would be better?
upvoted 0 times
...
Phillip
5 months ago
I think I'll go with option B - "web-browsing". That seems like the most specific and appropriate application object to allow HTTP access.
upvoted 0 times
Jacquelyne
4 months ago
I think option D - "http" is the best choice. It's straightforward.
upvoted 0 times
...
Vince
4 months ago
Let's stick with "http" to cover all bases.
upvoted 0 times
...
...

Save Cancel