Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam SSE-Engineer Topic 2 Question 2 Discussion

Actual exam question for Palo Alto Networks's SSE-Engineer exam
Question #: 2
Topic #: 2
[All SSE-Engineer Questions]

A user connected to Prisma Access reports that traffic intermittently is denied after matching a Catch-All Deny rule at the bottom and bypassing HIP-based policies. Refreshing VPN connection restores the access.

What are two reasons for this behavior? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C

User mapping learned from sources other than gateway authentication can cause intermittent access issues if it conflicts with the expected user identity used in HIP-based policies. If the firewall is associating the user with an outdated or incorrect mapping, traffic may not match the intended security policies, leading to denials by the Catch-All Deny rule.

If the firewall loses user mapping due to missed HIP report checks, the user may temporarily lose access to policies that require a valid Host Information Profile (HIP) match. When the VPN connection is refreshed, the HIP check is re-initiated, restoring access until the issue repeats.


Contribute your Thoughts:

Sage
1 months ago
I think the correct reasons are A) and C). The firewall losing user mapping could definitely cause intermittent denial of traffic.
upvoted 0 times
...
Teri
1 months ago
I believe the issue might be related to B) User mapping learned from sources other than gateway authentication.
upvoted 0 times
...
Raina
1 months ago
Ooh, this is a tricky one. I'm going to go with B and C. User mapping from other sources and the firewall losing the mapping? That's gotta be it. Although, I have to say, these Prisma Access questions are getting more confusing by the minute.
upvoted 0 times
Loreen
5 days ago
Refreshing the VPN connection seems to be a temporary fix, but addressing the root cause with user mapping and HIP report checks is crucial.
upvoted 0 times
...
Fredric
21 days ago
I agree, those seem like valid reasons. It's important to make sure the user mapping is accurate for proper access.
upvoted 0 times
...
Tijuana
27 days ago
I think you're on the right track with B and C. User mapping from other sources and the firewall losing mapping could definitely cause this issue.
upvoted 0 times
...
...
Elizabeth
1 months ago
I agree with Lacresha, but I also think C) Firewall loses user mapping due to missed HIP report checks.
upvoted 0 times
...
Lacresha
1 months ago
I think the reason could be A) 'Collect HIP data' needs to be enabled.
upvoted 0 times
...
Viola
2 months ago
I'm going with C and D. Losing the user mapping and having a time-limited HIP policy? Sounds like a recipe for frustration. I bet the person reporting this issue is ready to throw their laptop out the window.
upvoted 0 times
Nguyet
1 months ago
Yeah, having a time-limited HIP policy can be frustrating for users.
upvoted 0 times
...
Tiara
1 months ago
I agree, losing user mapping can definitely cause issues.
upvoted 0 times
...
Stanford
1 months ago
Refreshing the VPN connection seems to be a temporary fix for now.
upvoted 0 times
...
Iola
1 months ago
Yeah, losing user mapping and having a time-limited policy can definitely cause frustration.
upvoted 0 times
...
Gregoria
2 months ago
I think C and D are the reasons for the issue.
upvoted 0 times
...
...
Salley
2 months ago
I'm leaning towards B and C. User mapping learned from other sources could be causing the problem, and the missed HIP checks definitely sound like a culprit. This is giving me a headache just thinking about it.
upvoted 0 times
Teresita
28 days ago
I agree, those two options seem like they could be causing the issue.
upvoted 0 times
...
Adelaide
28 days ago
C) Firewall loses user mapping due to missed HIP report checks.
upvoted 0 times
...
Lorriane
29 days ago
A) User mapping is learned from sources other than gateway authentication.
upvoted 0 times
...
...
Willodean
2 months ago
Hmm, I think it's gotta be C and D. If the firewall loses the user mapping due to missed HIP checks, and the HIP-enforced policy is only active during certain hours, that would explain the intermittent access issues.
upvoted 0 times
Janey
1 months ago
D) HIP-enforced policy is scheduled for certain hours of the day.
upvoted 0 times
...
Wayne
1 months ago
C) Firewall loses user mapping due to missed HIP report checks.
upvoted 0 times
...
...

Save Cancel