A. Reset client12
The “Reset client” action will discard the session’s packets and send a TCP RST packet to let the client know the session has been terminated so it can gracefully close the session locally
Sending a reset only to the client would ensure, for example, internal hosts receive a notification the session was reset and the browser is not left spinning or the application can close the established session while the remote server is left unaware.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClltCAC
The correct answer to the question "Which Security policy action will message a user's browser that their web session has been terminated?" is A. Reset client. This option is chosen because sending a reset only to the client ensures that internal hosts receive a notification that the session was reset, and the browser is not left in a pending state. This action allows the application to close the established session, while the remote server remains unaware. This is particularly useful in situations where a web session needs to be terminated immediately, such as when a user accesses a malicious or unauthorized website or when there is a violation of a security policy rule
https://live.paloaltonetworks.com/t5/general-topics/pa-smb-deny-behaviour/m-p/188331#M57178
Deny requires an application to decide the appropriate 'reject' action for the application
if you need to actively reject i'd propose you use 'Reset Client' instead
So answer is A
Answer A:
Sending a reset only to the client would ensure, for example, internal hosts receive a notification the session was reset and the browser is not left spinning or the application can close the established session while the remote server is left unaware.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClltCAC
Sending a reset only to the client would ensure, for example, internal hosts receive a notification the session was reset and the browser is not left spinning or the application can close the established session while the remote server is left unaware.
The Drop action is mostly used as a stealthy way of discarding traffic. The firewall will simply throw away any packets associated with an unwanted connection, not letting the client or server know the packets are being discarded.
It's A.... "The Drop action is mostly used as a stealthy way of discarding traffic. The firewall will simply throw away any packets associated with an unwanted connection, not letting the client or server know the packets are being discarded." https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClltCAC
B can not be corret. If default deny action is drop, then there is no response will be sent to client's browser, just silently drop.
When this action is selected in a security policy rule, the firewall will send a TCP RST (reset) packet to the client's browser, which will terminate the web session and display an error message in the user's browser indicating that the session has been reset or terminated.
The Reset Client action is useful in situations where a web session needs to be terminated immediately, such as when a user is accessing a malicious or unauthorized website or when there is a violation of a security policy rule.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
cjace
1 month, 3 weeks ago[Removed]
2 months, 1 week agoReliic
8 months agoJackie26
10 months, 3 weeks agokico55
1 year agoNorthIdaho
1 year agohdrnzienlaoroljol
1 year, 1 month agoSessoConPupoPazzo
1 year, 2 months agocert111
1 year, 2 months agohibozel
1 year, 3 months agoSillyGoose123
1 year, 3 months agobaccalacca
1 year, 4 months agoSillyGoose123
1 year, 4 months agoMazalaza
1 year, 4 months agofb48
1 year, 4 months ago