Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Location Chicago IL, USA

Exam PCNSE topic 1 question 85 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 85
Topic #: 1
[All PCNSE Questions]

A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents over HTTP(S). Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.
Which combination of service and application, and order of Security policy rules, needs to be configured to allow cleartext web-browsing traffic to this server on tcp/443.

  • A. Rule #1: application: web-browsing; service: application-default; action: allow Rule #2: application: ssl; service: application-default; action: allow
  • B. Rule #1: application: web-browsing; service: service-https; action: allow Rule #2: application: ssl; service: application-default; action: allow
  • C. Rule # 1: application: ssl; service: application-default; action: allow Rule #2: application: web-browsing; service: application-default; action: allow
  • D. Rule #1: application: web-browsing; service: service-http; action: allow
Show Suggested Answer Hide Answer

Suggested Answer: A

Comments

Edu147
7 months ago
Correct B https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEyCAK
upvoted 3 times
...
Cooldude89
2 months ago
B is correct
upvoted 2 times
...
khalmrj
1 week ago
Correct B
upvoted 1 times
...

SaveCancel