ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 601 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 601
Topic #: 1
[All PCNSE Questions]

A root cause analysis investigation into a recent security incident reveals that several decryption rules have been disabled. The security team wants to generate email alerts when decryption rules are changed.

How should email log forwarding be configured to achieve this goal?

  • A. With the relevant system log filter inside Device > Log Settings
  • B. With the relevant configuration log filter inside Device > Log Settings
  • C. With the relevant configuration log filter inside Objects > Log Forwarding
  • D. With the relevant system log filter inside Objects > Log Forwarding
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by hcir at March 30, 2024, 9:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SCCUser
2 months ago
Selected Answer: B
Configure email alerts for Traffic, Threat, and WildFire Submission logs. See Create a Log Forwarding profile. Select ObjectsLog Forwarding, click Add, and enter a Name to identify the profile. For each log type and each severity level or WildFire verdict, select the Email server profile and click OK. See Assign the Log Forwarding profile to policy rules and network zones. Configure email alerts for System, Config, HIP Match, and Correlation logs. Select DeviceLog Settings. For System and Correlation logs, click each Severity level, select the Email server profile, and click OK. For Config and HIP Match logs, edit the section, select the Email server profile, and click OK.
upvoted 1 times
...
PacketsDownRange99
5 months, 1 week ago
Selected Answer: B
B. https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/configure-email-alerts
upvoted 3 times
...
tobaja
5 months, 2 weeks ago
Log forwarding does not seem possible for configuration logs. Does show up at Device > Log Settings, so answer B.
upvoted 1 times
...
hcir
6 months ago
B. Config related logs are generated by the management plane, hence in the device section
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago