ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 238 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 238
Topic #: 1
[All PCNSA Questions]

All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone.

Complete the empty field in the Security policy using an application object to permit only this type of access.


Source Zone: Internal -

Destination Zone: DMZ Zone -
Application: __________

Service: application-default -
Action: allow

  • A. Application = "any"
  • B. Application = "web-browsing"
  • C. Application = "ssl"
  • D. Application = "http"
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Oteslar at Dec. 12, 2022, 1:27 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Oteslar
Highly Voted 2 years, 1 month ago
Selected Answer: B
i think the answer is B, becauce http is not an application but service, the web-browsing cab be http/https.
upvoted 6 times
...
ARWANGSH
Highly Voted 2 years ago
Selected Answer: B
http is not an app-id, web-browsing is: https://applipedia.paloaltonetworks.com/
upvoted 5 times
...
avadhoot72
Most Recent 4 months ago
here, specifically, http access specified in question. so, web browsing is consisting of HTTP and HTTPS ports, so correct answer is application http
upvoted 1 times
...
Aredus
10 months ago
B is correct as it uses tcp/80 in app-id.
upvoted 1 times
...
[Removed]
1 year, 2 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
[Removed]
1 year, 10 months ago
This was oddly worded and the whole question should not even count. The question is clearly specifying ONLY HTTP traffic, but the provided options do not match the asked criteria. HTTP is a server, and web-browsing is an APP-ID. However, "web-browsing" if left alone with default application service allows both http and https. More over, the answer doesn't make a correction in the Service option and leaves it as application-default. I agree that the answer, based on the requirements is B, but the question sucks.
upvoted 5 times
...
khaled_ellaboudy
1 year, 11 months ago
Selected Answer: B
Web browsing is a valid add id while http is not, http is a service and not an app
upvoted 3 times
khaled_ellaboudy
1 year, 11 months ago
APP id and not add id, sorry for the typo
upvoted 2 times
...
...
sjurka
2 years, 1 month ago
Selected Answer: B
http is a service. web-browsing should be selected
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago