Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCNSE Topic 12 Question 94 Discussion

Actual exam question for Palo Alto Networks's PCNSE exam
Question #: 94
Topic #: 12
[All PCNSE Questions]

A firewall administrator has confirm reports of a website is not displaying as expected, and wants to ensure that decryption is not causing the issue. Which three methods can the administrator use to determine if decryption is causing the website to fail? (Choose three.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C, D

by Kris at Aug 05, 2024, 05:46 AM

Limited Time Offer

25%

Off

Get Premium PCNSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Victor
10 months ago
I also think temporarily disabling SSL decryption for all websites could be a good troubleshooting step.
upvoted 0 times
...
Val
10 months ago
I agree, that could help us pinpoint the issue.
upvoted 0 times
...
Eladia
10 months ago
I think we should investigate decryption logs first.
upvoted 0 times
...
Penney
10 months ago
I also think temporarily disabling SSL decryption for all websites could be a good troubleshooting step.
upvoted 0 times
...
Eric
11 months ago
Hmm, I'd say the correct answers are B, D, and C. Gotta love those firewall administrators, always trying to keep us on our toes!
upvoted 0 times
Adolph
10 months ago
Yeah, those methods should help determine if decryption is causing the website to fail.
upvoted 0 times
...
Tawna
10 months ago
I think you're right, B, D, and C seem like the best options.
upvoted 0 times
...
...
Eloisa
11 months ago
Moving the decrypt policy to the top? That's like putting the cart before the horse. Gotta troubleshoot the issue first, then make any policy changes.
upvoted 0 times
Laurel
10 months ago
Moving the decrypt policy to the top could cause more issues if the root cause isn't identified first.
upvoted 0 times
...
Alyce
10 months ago
Agreed. Investigating decryption logs of the specific traffic would be a better first step.
upvoted 0 times
...
Marti
11 months ago
Yeah, disabling SSL decryption for all websites seems like a drastic step.
upvoted 0 times
...
...
Dorsey
11 months ago
I agree, that could help us pinpoint the issue.
upvoted 0 times
...
Claudio
11 months ago
I think we should investigate decryption logs first.
upvoted 0 times
...
Dino
11 months ago
Disabling SSL decryption for all websites? That's like throwing the baby out with the bathwater. I'd go with the 'No Decrypt' rule instead.
upvoted 0 times
Selma
10 months ago
D: Definitely a better option than disabling decryption for all websites.
upvoted 0 times
...
Denny
10 months ago
C: I've used that method before and it worked well to troubleshoot decryption issues.
upvoted 0 times
...
Shannan
11 months ago
B: Yeah, I think creating a 'No Decrypt' rule would be a more targeted approach.
upvoted 0 times
...
Dick
11 months ago
A: I agree, disabling SSL decryption for all websites seems like overkill.
upvoted 0 times
...
...
Ahmad
11 months ago
Investigating decryption logs sounds like the way to go. I mean, if the website's not displaying, it's gotta be something to do with the decryption process, right?
upvoted 0 times
Lennie
11 months ago
B: I agree, we should also consider temporarily disabling SSL decryption for all websites to troubleshoot.
upvoted 0 times
...
Sage
11 months ago
A: Yeah, investigating decryption logs is definitely a good start.
upvoted 0 times
...
...
Tabetha
12 months ago
Oh man, this is a tough one! Disabling SSL handshake logging? That's like trying to fix a leaky faucet with a hammer, am I right?
upvoted 0 times
Roxane
11 months ago
C: Move the policy with action decrypt to the top of the decryption policy rulebase.
upvoted 0 times
...
Juliann
11 months ago
B: Create a policy-based 'No Decrypt' rule in the decryption policy to include specific traffic from decryption.
upvoted 0 times
...
Dulce
11 months ago
A: Investigate decryption logs of the specific traffic to determine reasons for failure.
upvoted 0 times
...
...

Save Cancel