An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone. The administrator does not want to allow traffic between the DMZ and LAN zones. Which Security policy rule type should they use?

Questions › Category: PCNSA › An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone. The administrator does not want to allow traffic between the DMZ and LAN zones. Which Security policy rule type should they use?

0 Vote Up Vote Down

Admin Staff asked 7 months ago

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone.
The administrator does not want to allow traffic between the DMZ and LAN zones.
Which Security policy rule type should they use?

A. interzone

B. intrazone

C. default

D. universal








 

Suggested Answer: D

Community Answer: B



This question is in PCNSA Palo Alto Networks Certified Network Security Administrator Exam
For getting Palo Alto Networks Certified Network Security Administrator (PCNSA) Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Palo Alto Networks. 
Trademarks, certification & product names are used for reference only and belong to Palo Alto Networks.
The website does not contain actual questions and answers from Palo Alto Networks's Certification Exams.

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone. The administrator does not want to allow traffic between the DMZ and LAN zones. Which Security policy rule type should they use?

View the diagram. What is the most restrictive, yet fully functional rule, to allow general Internet and SSH traffic into both the DMZ and Untrust/Internet zones from each of the IOT/Guest and Trust Zones? A. B. C. D.

Which stage of the cyber attack lifecycle makes it important to provide ongoing education to users on spear phishing links, unknown emails, and risky websites?

101 Practice Test Free

101-500 Practice Test Free

102-500 Practice Test Free

Recommended

DP-100 Practice Test Free

XK0-005 Practice Test Free

XK0-004 Practice Test Free

SY0-701 Practice Test Free

SY0-601 Practice Test Free

SY0-501 Practice Test Free

Welcome Back!

Create New Account!

Retrieve your password

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone. The administrator does not want to allow traffic between the DMZ and LAN zones. Which Security policy rule type should they use?

View the diagram. What is the most restrictive, yet fully functional rule, to allow general Internet and SSH traffic into both the DMZ and Untrust/Internet zones from each of the IOT/Guest and Trust Zones? A. B. C. D.

Which stage of the cyber attack lifecycle makes it important to provide ongoing education to users on spear phishing links, unknown emails, and risky websites?

Related Questions

Recommended

Welcome Back!

Create New Account!

Retrieve your password