Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam SSE-Engineer Topic 2 Question 2 Discussion

Actual exam question for Palo Alto Networks's SSE-Engineer exam
Question #: 2
Topic #: 2
[All SSE-Engineer Questions]

A user connected to Prisma Access reports that traffic intermittently is denied after matching a Catch-All Deny rule at the bottom and bypassing HIP-based policies. Refreshing VPN connection restores the access.

What are two reasons for this behavior? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C

User mapping learned from sources other than gateway authentication can cause intermittent access issues if it conflicts with the expected user identity used in HIP-based policies. If the firewall is associating the user with an outdated or incorrect mapping, traffic may not match the intended security policies, leading to denials by the Catch-All Deny rule.

If the firewall loses user mapping due to missed HIP report checks, the user may temporarily lose access to policies that require a valid Host Information Profile (HIP) match. When the VPN connection is refreshed, the HIP check is re-initiated, restoring access until the issue repeats.


Contribute your Thoughts:

Viola
5 days ago
I'm going with C and D. Losing the user mapping and having a time-limited HIP policy? Sounds like a recipe for frustration. I bet the person reporting this issue is ready to throw their laptop out the window.
upvoted 0 times
Iola
2 days ago
Yeah, losing user mapping and having a time-limited policy can definitely cause frustration.
upvoted 0 times
...
Gregoria
3 days ago
I think C and D are the reasons for the issue.
upvoted 0 times
...
...
Salley
25 days ago
I'm leaning towards B and C. User mapping learned from other sources could be causing the problem, and the missed HIP checks definitely sound like a culprit. This is giving me a headache just thinking about it.
upvoted 0 times
...
Willodean
1 months ago
Hmm, I think it's gotta be C and D. If the firewall loses the user mapping due to missed HIP checks, and the HIP-enforced policy is only active during certain hours, that would explain the intermittent access issues.
upvoted 0 times
...

Save Cancel