if you read that answer statement, and interpret it how I think Palo meant to say it, they are essentially saying to allow new app-id in your security policy rules that might impact your network instead of blocking it.
how C can be a correct answer?
Automatically allowing new App-IDs without careful assessment can introduce security risks. It is important to review and test new App-IDs before allowing them in a production environment.
Answers are B, C. Always review Content Release Notes for the list of newly-identified and modified application and threat signatures that the content release introduces. Configure a security policy rule to always allow new App-IDs that might have network-wide impact, like authentication or software development applications.
You can also review Content Release Notes for apps and threats on the Palo Alto Networks Support Portal or directly in the firewall web interface: select Device
Dynamic Updates
and open the Release Note
for a specific content release version.
BC
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/manage-new-app-ids-introduced-in-content-releases/app-id-updates-workflow#id182P00F0FEI
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.PCNSE Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
NullNull88
2 months, 1 week agoNSO_Blue
5 months, 3 weeks agoTR12345
4 months agoali_sh85
9 months, 2 weeks agoWhizdhum
1 year, 4 months agoSammy3637
1 year, 4 months agoBillyon
1 year, 6 months agoTAKUM1y
2 years, 5 months agoconfusion
2 years, 6 months agoTAKUM1y
2 years, 6 months agomysteryzjoker
2 years, 7 months ago