Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCNSE Topic 12 Question 94 Discussion

Actual exam question for Palo Alto Networks's PCNSE exam
Question #: 94
Topic #: 12
[All PCNSE Questions]

A firewall administrator has confirm reports of a website is not displaying as expected, and wants to ensure that decryption is not causing the issue. Which three methods can the administrator use to determine if decryption is causing the website to fail? (Choose three.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C, D

by Kris at Aug 05, 2024, 05:46 AM

Limited Time Offer

25%

Off

Get Premium PCNSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Victor
9 months ago
I also think temporarily disabling SSL decryption for all websites could be a good troubleshooting step.
upvoted 0 times
...
Val
9 months ago
I agree, that could help us pinpoint the issue.
upvoted 0 times
...
Eladia
9 months ago
I think we should investigate decryption logs first.
upvoted 0 times
...
Penney
9 months ago
I also think temporarily disabling SSL decryption for all websites could be a good troubleshooting step.
upvoted 0 times
...
Eric
9 months ago
Hmm, I'd say the correct answers are B, D, and C. Gotta love those firewall administrators, always trying to keep us on our toes!
upvoted 0 times
Adolph
9 months ago
Yeah, those methods should help determine if decryption is causing the website to fail.
upvoted 0 times
...
Tawna
9 months ago
I think you're right, B, D, and C seem like the best options.
upvoted 0 times
...
...
Eloisa
9 months ago
Moving the decrypt policy to the top? That's like putting the cart before the horse. Gotta troubleshoot the issue first, then make any policy changes.
upvoted 0 times
Laurel
8 months ago
Moving the decrypt policy to the top could cause more issues if the root cause isn't identified first.
upvoted 0 times
...
Alyce
9 months ago
Agreed. Investigating decryption logs of the specific traffic would be a better first step.
upvoted 0 times
...
Marti
9 months ago
Yeah, disabling SSL decryption for all websites seems like a drastic step.
upvoted 0 times
...
...
Dorsey
9 months ago
I agree, that could help us pinpoint the issue.
upvoted 0 times
...
Claudio
10 months ago
I think we should investigate decryption logs first.
upvoted 0 times
...
Dino
10 months ago
Disabling SSL decryption for all websites? That's like throwing the baby out with the bathwater. I'd go with the 'No Decrypt' rule instead.
upvoted 0 times
Selma
9 months ago
D: Definitely a better option than disabling decryption for all websites.
upvoted 0 times
...
Denny
9 months ago
C: I've used that method before and it worked well to troubleshoot decryption issues.
upvoted 0 times
...
Shannan
9 months ago
B: Yeah, I think creating a 'No Decrypt' rule would be a more targeted approach.
upvoted 0 times
...
Dick
9 months ago
A: I agree, disabling SSL decryption for all websites seems like overkill.
upvoted 0 times
...
...
Ahmad
10 months ago
Investigating decryption logs sounds like the way to go. I mean, if the website's not displaying, it's gotta be something to do with the decryption process, right?
upvoted 0 times
Lennie
9 months ago
B: I agree, we should also consider temporarily disabling SSL decryption for all websites to troubleshoot.
upvoted 0 times
...
Sage
10 months ago
A: Yeah, investigating decryption logs is definitely a good start.
upvoted 0 times
...
...
Tabetha
10 months ago
Oh man, this is a tough one! Disabling SSL handshake logging? That's like trying to fix a leaky faucet with a hammer, am I right?
upvoted 0 times
Roxane
9 months ago
C: Move the policy with action decrypt to the top of the decryption policy rulebase.
upvoted 0 times
...
Juliann
10 months ago
B: Create a policy-based 'No Decrypt' rule in the decryption policy to include specific traffic from decryption.
upvoted 0 times
...
Dulce
10 months ago
A: Investigate decryption logs of the specific traffic to determine reasons for failure.
upvoted 0 times
...
...

Save Cancel