ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 366 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 366
Topic #: 1
[All PCNSA Questions]

An administrator needs to create a Security policy rule that matches DNS traffic sourced from either the LAN or VPN zones, destined for the DMZ or Untrust zones.

The administrator does not want to match traffic where the source and destination zones are LAN, and also does not want to match traffic where the source and destination zones are VPN.

Which Security policy rule type should they use?

  • A. Interzone
  • B. Universal
  • C. Intrazone
  • D. Default
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by cas23147 at June 16, 2023, 1:56 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
cjace
1 month, 3 weeks ago
A - Interzone
upvoted 3 times
...
engwadaw
11 months ago
in other words the admin doesn't want to match intrazone traffic it is clearly an interzone traffic as the universal means the whole thing. A is the correct answer.
upvoted 2 times
...
perceptivity
1 year ago
Selected Answer: A
https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/policy/security-policy/components-of-a-security-policy-rule
upvoted 3 times
...
DlaEdu_Ex
1 year ago
Selected Answer: A
Interzone The administrator does not want to match traffic where the source and destination zones are LAN/VPN
upvoted 3 times
...
cas23147
1 year, 1 month ago
Selected Answer: A
not want to match traffic where the source and destination zones are LAN
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago