Palo Alto Networks Exam PCNSA Topic 1 Question 62 Discussion

Actual exam question for Palo Alto Networks's PCNSA exam

Question #: 62
Topic #: 1

Four configuration choices are listed, and each could be used to block access to a specific URL. If you configured each choices to block the sameURL then which choice would be the last to block access to the URL?

AEDL in URL Filtering Profile.

BCustom URL category in Security Policy rule.

CCustom URL category in URL Filtering Profile.

DPAN-DB URL category in URL Filtering Profile.

Show Suggested Answer

Suggested Answer: B

Option B enables the required traffic by allowing SSL and web-browsing from UNTRUST to DMZ, denying SSH from UNTRUST to DMZ, allowing MYSQL from DMZ to SERVER, and allowing SSH from SERVER to DMZ. Option A allows SSH from UNTRUST to DMZ, which is not required. Option C denies all the required traffic.Option D denies all traffic from UNTRUST to TRUST, which is irrelevant to the question

https://www.paloaltonetworks.com/services/education/palo-alto-networks-certified-network-security-administrator

by Leonor at May 02, 2024, 11:55 PM

Limited Time Offer

25%

Off

Get Premium PCNSA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Kristin

16 hours ago

I disagree, I believe choice A would be the last to block access.

upvoted 0 times

...

Shizue

3 days ago

Hmm, this is a tricky one. I think the answer is C) Custom URL category in URL Filtering Profile, as that would be the last layer of defense before the traffic hits the firewall.

upvoted 0 times

...