Exam PCNSE topic 1 question 586 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 586
Topic #: 1

A firewall engineer is managing a Palo Alto Networks NGFW which is not in line of any DHCP traffic.

Which interface mode can the engineer use to generate Enhanced Application logs (EALs) for classifying IoT devices while receiving broadcast DHCP traffic?

  • A. Virtual wire
  • B. Layer 3
  • C. Layer 2
  • D. Tap
Suggested Answer: D

Comments

Mtro
1 week, 2 days ago
Selected Answer: D
Tap Interfaces Considerations – If you use a Tap interface to gain visibility into DHCP traffic that the firewall doesn’t ordinarily see, consider the following: Place the tap “north” of any routed boundary where DHCP is configured. This will ensure that the captured traffic is unicast rather than broadcast. (If the firewall with the Tap interface is in the same broadcast domain as the switch that’s mirroring traffic to it, enable DHCP Broadcast Session at Device > Setup > Session.)
Use Cases for Tap interfaces:
  • Evaluations
  • Networks where DHCP is configured on a device “south” of the firewall
  • Monitor networks that don’t naturally traverse the firewall
upvoted 1 times
...
hcir
1 week, 5 days ago
Answer is A. DHCP server, DHCP client and FW on the same broadcast domain means that a VWire interface will only catch the broadcast packets (not the unicast) and will still generate EALs. For a Tap interface to catch the 4 DHCP packets, the switch needs to mirror the traffic.
upvoted 1 times
...
nchunter
1 week, 6 days ago
Has anybody recently taken the PCNSE exam? Are there any questions on the exam that are under #300 on the study guide?
upvoted 1 times
...
nchunter
1 week, 6 days ago
Has anybody recently taken the PCNSE exam? Are there any questions that are under #300 on the study guide?
upvoted 1 times
...
Loloshikovichev
2 weeks, 3 days ago
Selected Answer: D
As the question states, the firewall is not in the traffic path. Tap is the interface that can receive traffic for identification.
upvoted 1 times
...
tonykolo
1 month ago
Selected Answer: D
The question stated "not in line of any DHCP traffic". For Vwire interfaces "Ensure the Virtual Wire is in the path for DHCP traffic. This traffic can be either broadcast or unicast." Tap interface use case "Monitor networks that don’t naturally traverse the firewall". D has to be the right answer.
upvoted 1 times
...
MostafaNawar
1 month ago
Selected Answer: A
A, sure
upvoted 1 times
...
findkeywordcommand
1 month, 1 week ago
Selected Answer: A
"Virtual Wire: When the firewall has Virtual Wire interfaces with multicast firewalling enabled, it generates Enhanced Application logs (EALs) for broadcast DHCP sessions." https://docs.paloaltonetworks.com/iot/iot-security-admin/get-started-with-iot-security/firewall-deployment-for-dhcp-visibility/firewall-deployment-options-for-iot-security
upvoted 1 times
...
jaypogi16
1 month, 1 week ago
Selected Answer: A
A. Virtual Wire: When the firewall has Virtual Wire interfaces with multicast firewalling enabled, it generates Enhanced Application logs (EALs) for broadcast DHCP sessions.
upvoted 1 times
...
Thunnu
1 month, 2 weeks ago
Vwire interface https://docs.paloaltonetworks.com/iot/iot-security-admin/get-started-with-iot-security/firewall-deployment-for-dhcp-visibility/firewall-deployment-options-for-iot-security
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other