Examice

Exam PCNSE All QuestionsBrowse all questions from this exam

Question 40

What are the differences between using a service versus using an application for Security Policy match?

Use of a ג€serviceג€ enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an ג€applicationג€ allows the firewall to take immediate action if the port being used is a member of the application standard port list.

There are no differences between ג€serviceג€ or ג€applicationג€. Use of an ג€applicationג€ simplifies configuration by allowing use of a friendly application name instead of port numbers.

Use of a ג€serviceג€ enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an ג€applicationג€ allows the firewall to take action after enough packets allow for App-ID identification regardless of the ports being used

Use of a ג€serviceג€ enables the firewall to take action after enough packets allow for App-ID identification

Correct Answer: C

Using a service in a firewall allows the system to take immediate action based on the port numbers observed in the first packet. Applications, on the other hand, can only be identified after observing enough packets to match the application's signature (App-ID), regardless of the ports being used. This distinction is crucial because services are tied to specific ports, whereas applications can be identified by their behavior and characteristics, irrespective of the port.

Discussion

rociohaOption: C

c is correct. https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/app-id/app-id-overview

Jared28Option: C

PCNSE Beacon practice exam has this exact question, answer C. It's probably a retired question.

tururu1496Option: C

Answer: C

lol12Option: C

C https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVwCAK

MyKasalaOption: C

C is correct

UFanatOption: C

C i a correct one

DerekLi23333Option: C

Correct answer is C

Rider85Option: C

The correct is A. In Pcnse beacon exam is the same question

Rider85

Is C sorry

yogininangpalOption: C

Correct answer is C

evdwOption: C

Correct answer : C

bing2021Option: C

service cares about port, and app id is based on content

MarshpillowzOption: C

C is the correct answer

yazid0016Option: C

Correct answer is C

ramasamymuthiahOption: C

Correct answer is C

confusionOption: C

App ID needs packets to identify the applicaiton.

ev333Option: C

C is correct this is in all palo marketing materials.

unknidOption: A

C is incorrect as f, A because this is why you have applipedia, to understand what ports will be allowed on a certan application. If you want port 4433 on ssl, you have to use ssl + service 4433.