ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 255 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 255
Topic #: 1
[All PCNSA Questions]

Which statement is true regarding NAT rules?

  • A. Translation of the IP address and port occurs before security processing.
  • B. Firewall supports NAT on Layer 3 interfaces only.
  • C. Static NAT rules have precedence over other forms of NAT.
  • D. NAT rules are processed in order from top to bottom.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by PunkSp at Dec. 6, 2022, 11:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
plasticpurduestrident
7 months, 3 weeks ago
So in the actual exam do you pick A or D? Where do these (wrong) answers come from? The actual exam?
upvoted 1 times
...
MarkGrootaarts
1 year, 8 months ago
Selected Answer: D
Answer is D
upvoted 1 times
...
DatITGuyTho1337
1 year, 9 months ago
Answer is D, but B is also viable!!
upvoted 1 times
N1KH1L
1 year, 6 months ago
in Vwire mode there is a nat capability so do not think B is viable
upvoted 3 times
...
...
LetsDiscuss23
1 year, 9 months ago
Selected Answer: D
Answer is D
upvoted 1 times
...
khaled_ellaboudy
1 year, 10 months ago
Selected Answer: D
D is the most relevent answer and has only one meaning.
upvoted 1 times
...
Vijay_75
2 years ago
A and D are true as below: 1. the NAT rules are processed first before the security rules (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVHCA0) 2. the NAT rules are processed from top down (https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/nat/nat-policy-rules/nat-policy-overview)
upvoted 2 times
OhEmGee
1 year, 11 months ago
A is not the answer as NAT "evaluation" happens before Sec Policy but actual "translation" happens after Sec Pol evaluation. Answer is D
upvoted 3 times
...
...
PunkSp
2 years ago
Selected Answer: D
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/nat/nat-policy-rules/nat-policy-overview
upvoted 2 times
sguerouate
1 year, 11 months ago
Agree, A is impossible to use Answer D !
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel