Exam PCNSE topic 1 question 597 discussion

Why even attempt an APPLICATION Override when there's no custom app in the first place? Might as well keep using App-ID. BCD.

B and C. Please note: a custom app IS NOT REQUIRED to do an application override. you can override the built-in app, per the KB article. "What You'll Need for Setup To configure an Application Override, go to Policies > Application Override in the WebGUI. For setup, you'll need the following: Custom Application to be used in the Application Override policy (recommended) Application Override policy Security Policy that allows the newly created Custom Application through the firewall Special Note about Content and Threat inspection Application Override to a custom application will force the firewall to bypass Content and Threat inspection for the traffic that is matching the override rule. The exception to this is when you override to a pre-defined application that supports threat inspection. " https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVLCA0

BCD, but the ask for 2 answers only so I guess that Custom app is implicitly included in B?

Once the custom application object has been created, it requires two additional things before it will be used by the Palo Alto firewall: There must be a security policy in place that permits the traffic (unless this is a new site or recently added subnet, this should already exist) There must be an application override policy that specifies when the custom application object should be used There must be an application override policy that specifies when the custom application object should be used

Answers should include (D) Custom App (with no signature) as well as BC

BC...D https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVLCA0