Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PSE-Prisma-Pro-24 Exam - Topic 2 Question 10 Discussion

Actual exam question for Palo Alto Networks's PSE-Prisma-Pro-24 exam
Question #: 10
Topic #: 2
[All PSE-Prisma-Pro-24 Questions]

An administrator deploys a VM-Series firewall into Amazon Web Services. Which attribute must be disabled on the data-plane elastic network interface for the instance to handle traffic that is not destined to its own IP address?

Show Suggested Answer Hide Answer
Suggested Answer: D

https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/deploy-the-vm-series-firewall-on-aws/launch-the-vm-series-firewall-on-aws.html


by Tracey at Nov 23, 2025, 07:29 PM

Limited Time Offer

25%

Off

Get Premium PSE-Prisma-Pro-24 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Fernanda
3 days ago
I remember this from my training! D is crucial for firewalls.
upvoted 0 times
...
Antonio
9 days ago
I was torn between A and D, but D is the right choice.
upvoted 0 times
...
Nu
14 days ago
Definitely D. Security groups and tags don’t affect traffic routing.
upvoted 0 times
...
Helaine
19 days ago
I feel confident about this question. It's a common setup in AWS.
upvoted 0 times
...
Nikita
24 days ago
Agreed! Disabling that allows traffic to flow freely.
upvoted 0 times
...
Frederic
29 days ago
I think it's D) source/destination checking. It makes sense for routing.
upvoted 0 times
...
Karl
2 months ago
Surprised this is even a question, it’s pretty basic!
upvoted 0 times
...
Jerlene
2 months ago
No way, it’s definitely D.
upvoted 0 times
...
Margret
2 months ago
Wait, are you sure? I thought it was A) security group.
upvoted 0 times
...
Ashton
2 months ago
D all the way. Disabling source/destination checking is like unlocking the door for the firewall to let traffic in. Duh!
upvoted 0 times
...
Nidia
2 months ago
D, no doubt about it. Can't have the firewall dropping traffic just because it's not destined for its own IP.
upvoted 0 times
...
Tina
2 months ago
D is the way to go. Gotta turn off that source/destination checking or the firewall won't be able to do its job.
upvoted 0 times
...
Stephaine
3 months ago
I’m leaning towards D) source/destination checking, but I wish I had reviewed more about how it interacts with elastic network interfaces.
upvoted 0 times
...
Jaime
3 months ago
I’m a bit confused about the role of security groups in this context. Do they affect how the traffic is handled?
upvoted 0 times
...
Elina
3 months ago
I remember a practice question about network interfaces, and I think disabling source/destination checking was the answer there too.
upvoted 0 times
...
Jose
3 months ago
Alright, I think I've got this. The VM-Series firewall needs to be able to handle traffic not destined for its own IP, so the "source/destination checking" attribute needs to be disabled. I'm confident that's the right answer.
upvoted 0 times
...
Alba
3 months ago
I've got a strategy - I'll eliminate the options that don't seem relevant, then focus in on understanding source/destination checking. That should help me narrow it down.
upvoted 0 times
...
Minna
3 months ago
I'm a bit confused on this one. Is the "source/destination checking" something specific to the VM-Series firewall, or is it a general AWS networking concept? I'll need to review that before answering.
upvoted 0 times
...
Katina
4 months ago
Totally agree, that’s the right one!
upvoted 0 times
...
Major
4 months ago
It's D) source/destination checking.
upvoted 0 times
...
Elbert
4 months ago
I think it might be related to source/destination checking, but I'm not entirely sure why that matters for the firewall.
upvoted 0 times
...
Kallie
4 months ago
Definitely D. Disabling source/destination checking is crucial for the VM-Series firewall to function properly in AWS.
upvoted 0 times
...
Izetta
4 months ago
D) source/destination checking is the correct answer. You need to disable this to allow the VM-Series firewall to handle traffic not destined for its own IP.
upvoted 0 times
...
Carlee
5 months ago
Okay, let's see. I think the key here is understanding what the "source/destination checking" attribute does on the network interface. That's probably the key to solving this.
upvoted 0 times
...
Earleen
5 months ago
Hmm, this one seems tricky. I'll need to think carefully about the networking concepts involved with the VM-Series firewall in AWS.
upvoted 0 times
...

Save Cancel