ExamTopics Logo
Mail Usteam@examtopics.com
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 454 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 454
Topic #: 1
[All PCNSE Questions]

An administrator is assisting a security engineering team with a decryption rollout for inbound and forward proxy traffic. Incorrect firewall sizing is preventing the team from decrypting all of the traffic they want to decrypt.

Which three items should be prioritized for decryption? (Choose three.)

  • A. Financial, health, and government traffic categories
  • B. Less-trusted internal IP subnets
  • C. Known malicious IP space
  • D. High-risk traffic categories
  • E. Public-facing servers
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Community vote distribution
B (71%)
D (21%)
4%
by [deleted] at Dec. 20, 2022, 1:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
[Removed]
Highly Voted 2 years, 3 months ago
CDE are correct answers
upvoted 24 times
evdw
2 years, 3 months ago
Agree on CDE
upvoted 6 times
Eiffelsturm
1 year, 4 months ago
why do you want to decrypt known malicious IPs? Block them
upvoted 14 times
...
...
...
lildevil
Highly Voted 1 year, 10 months ago
BDE, we all know why not A, but why would you decrypt C...if you block that traffic (as you should) then security profiles are not even applied (even if you set them on a blocking security profile, they wont take any affect) so why set up a decryption profile for it?
upvoted 16 times
...
Angelafp
Most Recent 1 month, 1 week ago
Selected Answer: B
B,D,E has not sense to decrypt a know malicous IPs.. better to block them instead.
upvoted 1 times
...
de7cdfd
2 months, 1 week ago
Selected Answer: B
BCD is are correct.
upvoted 1 times
...
CarlosDV06
2 months, 2 weeks ago
Selected Answer: B
BDE. We do not decrypt A's due to compliance, and why would you waste FWs resources decrypting known malicious IP Addresses, you know they are malicious, so you block them (for example, Palo Alto bulletproof ip EDL).
upvoted 2 times
...
corpguy
4 months, 4 weeks ago
Selected Answer: B
BDE are correct, malicious sites (C) would be blocked, you would not waste resources decrypting them.
upvoted 1 times
...
Yohinar
5 months, 1 week ago
Selected Answer: E
BDE - A you should never decrypt and C you should already block
upvoted 1 times
...
dtisolutions
6 months, 1 week ago
B D E , I agree A is out of the question , usually you should never decrypt those and C normally you already block
upvoted 1 times
...
0d2fdfa
10 months, 3 weeks ago
Selected Answer: C
CDE are correct answers
upvoted 1 times
...
evilCorpBot7494
1 year, 1 month ago
BDE. C should be blocked anyway so there is no need to decrypt it. A) Should not be decrypted due to regulations and privacy.
upvoted 3 times
...
Marshpillowz
1 year, 2 months ago
B, D and E
upvoted 1 times
...
franko_72
1 year, 3 months ago
B D E for sure.
upvoted 2 times
...
Andromeda1800
1 year, 4 months ago
My opinion is that B, D, E are correct. C shouldn't be correct because you are supposed to block Known malicious IP space and not decrypt it. Option A (Financial, health, and government traffic categories) usually is not supposed to be decrypted due to regulatory compliance and data privacy.
upvoted 2 times
...
brian7857ffs45
1 year, 4 months ago
This question was on the exam.. Nov 2023
upvoted 2 times
...
Xuzi
1 year, 4 months ago
Selected Answer: B
BDE for sure
upvoted 2 times
...
dgonz
1 year, 6 months ago
changing my answer to BDE you should block C
upvoted 2 times
...
dgonz
1 year, 7 months ago
Selected Answer: D
should be C D E
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
CAS-004
Sydney, 1 minute ago