1. Home
  2. Discussions
  3. Paloalto Networks
  4. Network Security Administrator
  5. PCNSA Discussions
  6. PCNSA Exam Topic 8 Question 73 Discussion

Paloalto Networks Palo Alto Networks Certified Network Security Administrator (PAN-OS 10.0) PCNSA Question # 73 Topic 8 Discussion

 Paloalto Networks Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Paloalto Networks Palo Alto Networks Certified Network Security Administrator (PAN-OS 10.0) PCNSA Question # 73 Topic 8 Discussion

PCNSA Exam Topic 8 Question 73 Discussion:
Question #: 73
Topic #: 8

The compliance officer requests that all evasive applications need to be blocked on all perimeter firewalls out to the internet The firewall is configured with two zones;

1. trust for internal networks

2. untrust to the internet

Based on the capabilities of the Palo Alto Networks NGFW, what are two ways to configure a security policy using App-ID to comply with this request? (Choose two )
A.

Create a deny rule at the top of the policy from trust to untrust with service application-default and add an application filter with the evasive characteristic

B.

Create a deny rule at the top of the policy from trust to untrust over any service and select evasive as the application

C.

Create a deny rule at the top of the policy from trust to untrust with service application-default and select evasive as the application

D.

Create a deny rule at the top of the policy from trust to untrust over any service and add an application filter with the evasive characteristic

Get Premium PCNSA Questions
Actual exam question for Paloalto Networks PCNSA exam by Orion5636 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next