U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks PSE-Strata Exam - Topic 1 Question 65 Discussion

A prospective customer currently uses a firewall that provides only Layer 4inspection and protections. The customer sees traffic going to an external destination, port 53, but cannot determine what Layer 7 application traffic is going over that portWhich capability of PAN-OS would address the customer's lack of visibility?
D) App-ID, because it will give visibility into what exact applications are being run over that port and allow the customer to block unsanctioned applications using port 53
A) Device ID, because it will give visibility into which devices are communicating with external destinations over port 53
B) single pass architecture (SPA), because it will improve the performance of the Palo Alto Networks Layer 7 inspection
C) User-ID, because it will allow the customer to see which users are sending traffic to external destinations over port 53

Palo Alto Networks PSE-Strata Exam - Topic 1 Question 65 Discussion

Actual exam question for Palo Alto Networks's PSE-Strata exam
Question #: 65
Topic #: 1
[All PSE-Strata Questions]

A prospective customer currently uses a firewall that provides only Layer 4

inspection and protections. The customer sees traffic going to an external destination, port 53, but cannot determine what Layer 7 application traffic is going over that port

Which capability of PAN-OS would address the customer's lack of visibility?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

0/2000 characters
Bethanie
8 months ago
SPA is cool, but it won’t solve the visibility issue here.
upvoted 0 times
...
Graciela
8 months ago
Agreed, App-ID is the way to go for blocking those apps.
upvoted 0 times
...
Erick
8 months ago
Wait, can App-ID really see traffic on port 53? That’s surprising!
upvoted 0 times
...
Angella
8 months ago
I think User-ID could help too, but not as much as App-ID.
upvoted 0 times
...
Precious
8 months ago
Definitely App-ID! It’s the best for Layer 7 visibility.
upvoted 0 times
...
Horace
8 months ago
I thought Device ID was more about tracking devices rather than application visibility. I’m leaning towards App-ID, but I’m not completely confident.
upvoted 0 times
...
Clarinda
8 months ago
I practiced a similar question where App-ID was crucial for understanding traffic. I think it’s definitely the best choice for this scenario.
upvoted 0 times
...
Raylene
8 months ago
I’m not entirely sure, but I think User-ID might help with visibility into who is using the traffic, but it doesn’t really address the application itself, right?
upvoted 0 times
...
Julian
9 months ago
I remember studying about App-ID and how it helps identify applications regardless of the port they're using. That seems like the right answer here.
upvoted 0 times
...
Myra
9 months ago
This question seems straightforward, but I want to make sure I understand the requirements correctly before I start configuring anything.
upvoted 0 times
...
Leatha
9 months ago
I'm pretty confident about this one. The Cloud Octagon Model sounds like it's related to risk assessment, so I'll go with option A.
upvoted 0 times
...

Save Cancel