U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks PSE-Platform Exam - Topic 1 Question 39 Discussion

Which two features are found in a next-generation firewall but are absent in a legacy firewall product? (Choose two)
C) Traffic control is based on IP, port, and protocol
A) Identification of application is possible on any port
B) Traffic is separated by zones
D) Policy match is a based on application
E) Onboard SSL decryption capability is used

Palo Alto Networks PSE-Platform Exam - Topic 1 Question 39 Discussion

Actual exam question for Palo Alto Networks's PSE-Platform exam
Question #: 39
Topic #: 1
[All PSE-Platform Questions]

Which two features are found in a next-generation firewall but are absent in a legacy firewall product? (Choose two)

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

0/2000 characters
Roy
8 months ago
I still think legacy firewalls can do a decent job without all this.
upvoted 0 times
...
Chery
8 months ago
Totally agree with A, it's a game changer!
upvoted 0 times
...
Iola
8 months ago
Wait, are you sure about E? Sounds too advanced for some setups.
upvoted 0 times
...
Ora
8 months ago
I think B is also important for modern firewalls.
upvoted 0 times
...
Lamar
8 months ago
A and D are definitely next-gen features!
upvoted 0 times
...
Shawnee
8 months ago
I have a vague memory that legacy firewalls don't handle application-level policies well, which makes me lean towards D and A for this question.
upvoted 0 times
...
Alexis
8 months ago
I practiced a question similar to this, and I think SSL decryption is definitely a next-gen feature, so E could be right.
upvoted 0 times
...
Lenny
8 months ago
I'm not entirely sure, but I feel like traffic control based on application is a big feature of next-gen firewalls, so maybe D is correct too.
upvoted 0 times
...
Jettie
9 months ago
I remember studying that next-gen firewalls can identify applications regardless of the port, so I think option A might be one of the answers.
upvoted 0 times
...
Vanda
9 months ago
I got this! The answer is to create, configure, and activate the locale all under the Global Preferences section. No need to do anything in the Site Preferences.
upvoted 0 times
...
Jaleesa
9 months ago
Okay, the key here is that the representatives assigned to check the products are unsuitable. I think discussing this with project assurance is the best way to address the issue and get the right people involved.
upvoted 0 times
...
Marg
9 months ago
I think the Teardrop attack is the one that can't be reassembled. That's the attack that causes issues with the way fragments are put back together, right?
upvoted 0 times
...
Marci
1 year ago
Wait, there are firewalls that can do more than just block ports? Mind. Blown. I'm going to have to go with B and D, because traffic zones sound like they'd keep my network nice and compartmentalized, and application-based policies are the way of the modern cybersecurity world.
upvoted 0 times
Carmelina
12 months ago
Tashia: Absolutely, legacy firewalls just can't compete with the capabilities of next-generation firewalls.
upvoted 0 times
...
Verdell
12 months ago
User 3: I think application-based policies are crucial for protecting against advanced threats.
upvoted 0 times
...
Tashia
12 months ago
User 2: Definitely, it helps keep things organized and secure.
upvoted 0 times
...
Rebbecca
12 months ago
User 1: I agree, traffic zones are a game changer for network security.
upvoted 0 times
...
...
France
1 year ago
As a certified firewall aficionado, I can say with confidence that the correct answers are A and E. Identifying apps on any port and SSL decryption? That's the stuff dreams are made of. Legacy firewalls? More like 'legacy-cy' firewalls, am I right?
upvoted 0 times
Amira
12 months ago
Absolutely, being able to identify applications on any port is a game-changer in the world of firewall technology.
upvoted 0 times
...
Stefany
12 months ago
Legacy firewalls just can't compete with the level of security provided by onboard SSL decryption.
upvoted 0 times
...
Olive
1 year ago
I agree, A and E are definitely the key features in next-generation firewalls.
upvoted 0 times
...
...
Justa
1 year ago
Haha, this question is a real 'next-gen' head-scratcher! I'm going to go with C and D, because who doesn't love some good old-fashioned IP, port, and protocol control? And application-based policy, that's the future, baby!
upvoted 0 times
Stephen
1 year ago
User3: Yeah, those features definitely set next-gen firewalls apart from legacy ones.
upvoted 0 times
...
Thaddeus
1 year ago
User2: Totally agree, application-based policy is the future for sure.
upvoted 0 times
...
Rosendo
1 year ago
User1: I think C and D are the way to go, IP, port, and protocol control is key.
upvoted 0 times
...
...
Tomoko
1 year ago
I'm torn between B and E. Zoning traffic and SSL decryption are pretty advanced features that legacy firewalls usually don't have. But I could be wrong, this stuff can get pretty technical.
upvoted 0 times
Felix
1 year ago
E) Onboard SSL decryption capability is used
upvoted 0 times
...
Sylvie
1 year ago
B) Traffic is separated by zones
upvoted 0 times
...
Wayne
1 year ago
A) Identification of application is possible on any port
upvoted 0 times
...
...
Van
1 year ago
I think options A and D are the correct answers. Next-gen firewalls can identify applications on any port, unlike legacy firewalls that rely on IP, port, and protocol. And policy matching is based on application, not just network protocols.
upvoted 0 times
Lashawn
1 year ago
That's true. Legacy firewalls rely on IP, port, and protocol for traffic control.
upvoted 0 times
...
Kimberlie
1 year ago
And policy matching is based on application, not just network protocols.
upvoted 0 times
...
Marshall
1 year ago
Yes, you're right. Next-gen firewalls can identify applications on any port.
upvoted 0 times
...
Charisse
1 year ago
I think options A and D are the correct answers.
upvoted 0 times
...
...
Alberto
1 year ago
Yes, having onboard SSL decryption capability is a game changer for security.
upvoted 0 times
...
Shay
1 year ago
I agree, the identification of application on any port and policy match based on application are really useful.
upvoted 0 times
...
Alberto
1 year ago
I think the features found in a next-generation firewall are better than in a legacy firewall.
upvoted 0 times
...

Save Cancel