Palo Alto Networks Exam PCNSE Topic 6 Question 116 Discussion

Actual exam question for Palo Alto Networks's PCNSE exam

Question #: 116
Topic #: 6

What would allow a network security administrator to authenticate and identify a user with a new BYOD-type device that is not joined to the corporate domain?

Aan Authentication policy with 'unknown' selected in the Source User field

Ban Authentication policy with 'known-user' selected in the Source User field

Ca Security policy with 'known-user' selected in the Source User field

Da Security policy with 'unknown' selected in the Source User field

Show Suggested Answer

Suggested Answer: A

For a network security administrator to authenticate and identify a user with a new BYOD-type device that is not joined to the corporate domain, the most effective method is to use an Authentication policy targeting users not yet identified by the system.

A . an Authentication policy with 'unknown' selected in the Source User field:

An Authentication policy allows the firewall to challenge unidentified users for credentials. By selecting 'unknown' in the Source User field, the policy targets users who have not yet been identified by the firewall, which would include users on new BYOD devices not joined to the domain.

Once the user provides valid credentials, the firewall can authenticate the user and map their identity to subsequent sessions, enabling the application of user-based policy rules and monitoring.

This approach ensures that new and unknown devices can be properly authenticated and identified without compromising security or requiring the device to be part of the corporate domain.

by Essie at Aug 17, 2025, 03:15 AM

Limited Time Offer

25%

Off

Get Premium PCNSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!