New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks NetSec-Analyst Exam - Topic 2 Question 3 Discussion

Actual exam question for Palo Alto Networks's NetSec-Analyst exam
Question #: 3
Topic #: 2
[All NetSec-Analyst Questions]

All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone.

Complete the empty field in the Security policy using an application object to permit only this type of access.

Source Zone: Internal -

Destination Zone: DMZ Zone -

Application: __________

Service: application-default -

Action: allow

Show Suggested Answer Hide Answer
Suggested Answer: B

by Laticia at Nov 22, 2025, 04:27 AM

Limited Time Offer

25%

Off

Get Premium NetSec-Analyst Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ty
1 day ago
D is the answer, no doubt about it. Anything else would be like trying to put a square tire on a round car.
upvoted 0 times
...
Susana
6 days ago
D is the way to go. Anything else would be like trying to fit a square peg in a round hole.
upvoted 0 times
...
Dottie
12 days ago
I'm going with D. Can't go wrong with the direct HTTP application object. Anything else would be like trying to use a sledgehammer to crack a nut.
upvoted 0 times
...
Carin
17 days ago
D definitely looks like the right answer. Allowing "any" application would be too broad, and "ssl" or "web-browsing" wouldn't be specific enough.
upvoted 0 times
...
Kimberely
22 days ago
Hmm, I think the answer is D. HTTP access is the only type of access allowed, so "http" should be the correct application object.
upvoted 0 times
...
Margart
27 days ago
"ssl" doesn't seem right here, since that's for HTTPS, which we don't want. I guess it's between "http" and "web-browsing."
upvoted 0 times
...
Dominga
1 month ago
I remember practicing a similar question, and I think "http" was the right choice for allowing web access specifically.
upvoted 0 times
...
Alayna
1 month ago
I'm not entirely sure, but "web-browsing" sounds like it could work too, since it usually involves HTTP traffic.
upvoted 0 times
...
Malcom
1 month ago
I think the application should be "http" since we only want to allow HTTP access.
upvoted 0 times
...
Margery
2 months ago
I think I've got a good strategy for this. The key is to focus on the specific requirements stated in the question - HTTP access from the internal zone to the DMZ zone. That points me towards option D, "http", as the best choice.
upvoted 0 times
...
Dexter
2 months ago
I'm a little confused by this question. Does "application-default" mean I should just leave that field blank? Or should I choose one of the other options? I'm not entirely sure how to approach this.
upvoted 0 times
...
Kenneth
2 months ago
Option D has to be the right answer. The question clearly states that the users need HTTP access, so "http" is the most direct and accurate application object to use.
upvoted 0 times
...
Eva
2 months ago
Agreed, only HTTP access makes sense.
upvoted 0 times
...
Barrett
2 months ago
This is tricky. I think it should be "http".
upvoted 0 times
...
Danica
3 months ago
"web-browsing" seems too broad, right?
upvoted 0 times
...
Carissa
3 months ago
Hmm, I'm a bit unsure about this one. I'm not sure if "web-browsing" is the right choice since the question specifically mentions HTTP access. Maybe option D, "http", would be better?
upvoted 0 times
...
Phillip
3 months ago
I think I'll go with option B - "web-browsing". That seems like the most specific and appropriate application object to allow HTTP access.
upvoted 0 times
Jacquelyne
2 months ago
I think option D - "http" is the best choice. It's straightforward.
upvoted 0 times
...
Vince
3 months ago
Let's stick with "http" to cover all bases.
upvoted 0 times
...
...

Save Cancel