ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 215 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 215
Topic #: 1
[All PCNSE Questions]

An internal system is not functioning. The firewall administrator has determined that the incorrect egress interface is being used. After looking at the configuration, the administrator believes that the firewall is not using a static route.
What are two reasons why the firewall might not use a static route? (Choose two.)

  • A. duplicate static route
  • B. no install on the route
  • C. disabling of the static route
  • D. path monitoring on the static route
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by prosto_marussia at Jan. 18, 2022, 4:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kabuelenain
6 days, 20 hours ago
Selected Answer: BD
Answer is B,D Choosing "No Install" in the "Route Table" drop down box when configuring the static route means the route will not be installed in any Virtual Router and thus not used. Path monitoring can disable a route of the path it points to fails.
upvoted 1 times
...
guy276465281819372
2 months, 2 weeks ago
Selected Answer: AD
A AND D. having duplicate routes is one of the most common mistakes.
upvoted 2 times
...
Chiquitabandita
6 months, 4 weeks ago
I think A AND D since you can have a duplicate static route in the RIB but not in the FIB since the routes have different metrics/hops. I think this is a poorly written question and left out info related to the question. Or maybe it was transcribed incorrectly from the source, it just seem the question is incomplete and missing information
upvoted 3 times
...
DatITGuyTho1337
7 months, 4 weeks ago
I chose "AD", because the "no install" option means that the admin never wanted to use that route. A duplicate static route can be configured with a different next hop and metric!
upvoted 3 times
Eluis007
4 months, 2 weeks ago
If you configure another route with different next hop and metric, than you have two different routes, not duplicate routes!
upvoted 2 times
...
...
Marwansobhy
10 months, 2 weeks ago
you can no install in static routing by changing the unicast drop list to no install
upvoted 2 times
...
kalopilo
1 year, 7 months ago
Ans: B & D. When you Configure Path Monitoring for a Static Route, the firewall uses path monitoring to detect when the path to one or more monitored destination has gone down. The firewall can then reroute traffic using alternative routes. The firewall uses path monitoring for static routes much like path monitoring for HA or policy-based forwarding (PBF) https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-networking-admin/static-routes/static-route-removal-based-on-path-monitoring
upvoted 2 times
...
Sarbi
1 year, 8 months ago
I am agreed there is no duplicate and disable routes
upvoted 1 times
...
Sarbi
1 year, 8 months ago
How can path monitoring effects static routes?
upvoted 2 times
scanossa
9 months ago
Path monitoring could be detecting the next hop is down
upvoted 1 times
...
...
Lexus1323
1 year, 8 months ago
Selected Answer: BD
you cant disabling a route and you can't create a duplicate static route
upvoted 2 times
...
mz101
1 year, 8 months ago
If "duplicate static route" means same route with "different next hop", A could be the reason.
upvoted 3 times
...
UFanat
2 years, 1 month ago
Selected Answer: BD
B and D
upvoted 2 times
...
NLT
2 years, 5 months ago
When you Configure Path Monitoring for a Static Route, the firewall uses path monitoring to detect when the path to one or more monitored destination has gone down. The firewall can then reroute traffic using alternative routes.
upvoted 2 times
...
prosto_marussia
2 years, 7 months ago
BD is correct "No Install" is used if you do not want to install the route in the forwarding table. And if path monitoring on the route fails it also won't be used
upvoted 2 times
DatITGuyTho1337
7 months, 4 weeks ago
yes but why then be surprised that a second route doesn't work when it was not configured to be installed in the first place? I don't think the "no install" option is correct here.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago