ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 285 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 285
Topic #: 1
[All PCNSE Questions]

A user at an internal system queries the DNS server for their web server with a private IP of 10.250.241.131 in the DMZ. The DNS server returns an address of the web servers public address, 200.1.1.10. In order to reach the web server, which security rule and U-Turn NAT rule must be configured on the firewall?

  • A. NAT Rule: Source Zone: Untrust_L3 Source IP: Any Destination Zone: DMZ Destination IP: 200.1.1.10 Destination Translation address: 10.250.241.131 Security Rule: Source IP: Any Destination Zone: DMZ Destination IP: 10.250.241.131
  • B. NAT Rule: Source Zone: Trust_L3 Source IP: Any Destination Zone: DMZ Destination IP: 200.1.1.10 Destination Translation address: 10.250.241.131 Security Rule: Source Zone: Untrust-L3 Source IP: Any Destination Zone: DMZ Destination IP: 10.250.241.131
  • C. NAT Rule: Source Zone: Untrust_L3 Source IP: Any Destination Zone: Untrust_L3 Destination IP: 200.1.1.10 Destination Translation address: 10.250.241.131 Security Rule: Source Zone: Untrust-L3 Source IP: Any Destination Zone: DMZ Destination IP: 10.250.241.131
  • D. NAT Rule: Source Zone: Trust_L3 Source IP: Any Destination Zone: Untrust_L3 Destination IP: 200.1.1.10 Destination Translation address: 10.250.241.131 Security Rule: Source Zone: Trust-L3 Source IP: Any Destination Zone: DMZ Destination IP: 200.1.1.10
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by bimyo at Oct. 6, 2022, 8:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sov4
1 year, 2 months ago
Selected Answer: D
Had this question on the exam a few weeks ago... July 2023.
upvoted 4 times
franko_72
10 months, 2 weeks ago
Yep so did I, similar time, June/July.
upvoted 1 times
...
...
Kalipso21
1 year, 9 months ago
Answer is D, this is explained in an scenario here https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEiCAK
upvoted 4 times
sujss
1 year, 5 months ago
Thanks for this
upvoted 1 times
...
...
DenskyDen
1 year, 9 months ago
D. Agree
upvoted 1 times
...
confusion
1 year, 12 months ago
Selected Answer: D
Security rules use pre-NAT IP and post-NAT Zone
upvoted 2 times
...
mysteryzjoker
2 years ago
D) Great PAN NAT video here, includes Uturn NAT https://www.youtube.com/watch?v=Ahrao6kBg8w&t=566s
upvoted 1 times
...
bimyo
2 years ago
Selected Answer: D
Yes D is correct, think it over again if your result is different.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago