Exam PCNSA All QuestionsBrowse all questions from this exam
Question 10

Which two statements are correct about App-ID content updates? (Choose two.)

    Correct Answer: A, D

    Updated application content might change how Security policy rules are enforced. This is because new App-IDs and modifications to existing App-IDs can cause the firewall to categorize and handle applications differently. Additionally, after an application content update, new applications are automatically identified and classified by the firewall. This automatic identification and classification reduces manual administrative effort and ensures that the security policies are up to date with the latest application signatures.

Discussion
rebetOptions: AD

The correct answers are: A. Updated application content may change how security policy rules are enforced D. After an application content update, new applications are automatically identified and classified 'B' is not correct as there is no need to do any manual classification of applications.

ichnos

I agree

PANW

I agree A & D are correct As new App-IDs are introduced and delivered to the firewall via weekly updates, dynamic filters are automatically updated for those applications that meet the filter criteria. This helps minimize administrative effort associated with security policy management. Source: https://www.paloaltonetworks.com/resources/techbriefs/app-id-tech-brief.html

RedByteOptions: AB

The answer should be A and B: "A firewall admin must be careful before they install any App‐ID updates because some applications may have changed since the last App‐ID update (content update). For example, an application that was previously categorized under web‐browsing now may be categorized under its own unique App‐ID. Categorization of applications into more specific applications allows more granularity and control of applications within security policies. Because the new App‐ID no longer will be categorized as web‐browsing, no security policy now will contain this new App‐ID. Consequently, the new App‐ID will be blocked."

error_909Options: AD

The correct answers are: A. Updated application content may change how security policy rules are enforced D. After an application content update, new applications are automatically identified and classified. For any manual process in app-id updates, the option disable content update must be done first, then the admin must allow new signatures manually

blu_gandalfOptions: AD

i just answer it in practice exam , A & D

argyris23Options: AD

A,D source: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/app-id/manage-new-app-ids-introduced-in-content-releases/review-new-app-id-impact-on-existing-policy-rules

yurakoreshOptions: AD

A & D should be the correct answers!

Cyril_the_SquirlOptions: AB

A & B are correct. Updated or changed application identifiers MIGHT surely change the way security policy is applied if there's been changes or new additions. (A is correct). Therefore where there are NEW additions to applications and app identifiers, all the new app-IDs MUST be explicitly/manually included correctly in the security policy.(B is correct). C is wrong.... it's silly to think security policy is not affected by app-id when it's in the app-id profile is used. D is wrong...lost me at "automatically"

vdsdrs

All apps are automatically identified and classified if they match the signature... A&D are correct.

davidmdlp85Options: AD

A is correct 3.1.4 The potential impact of App-ID updates to existing Security policy rules Newly-categorized and modified App-IDs can change the way in which the firewall enforces traffic. Review the content update policy to see how new and modified App-IDs impact your Security policy and to easily make any necessary adjustments. You can review the content update policy for both downloaded and installed content.

RivandOptions: AD

A and D are acorrect

J0aquinOptions: AD

A: "Newly-categorized and modified App-IDs can change the way in which the firewall enforces traffic. Review the content update policy to see how new and modified App-IDs impact your Security policy and to easily make any necessary adjustments. You can review the content update policy for both downloaded and installed content."

vigorasOptions: AD

A and D

all_nicknames_are_takenOptions: AD

A,D: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/manage-new-app-ids-introduced-in-content-releases

BMRobertsonOptions: AD

The answer(s) are A&D. Please look at the following link: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/software-and-content-updates/app-and-threat-content-updates states "As the firewall automatically retrieves and installs the latest application and threat signatures (based on your custom settings), it starts enforcing security policy based on the latest App-IDs and threat protection without any additional configuration." This means B is incorrect and D is correct; further down it states, "Because new App-IDs can change how the security policy enforces traffic..." (this means A is correct and C is not);

Ankitkumar2029Option: A

A. Updated application content might change how Security policy rules are enforced.

LordScorpiusOptions: AD

Please DON'T take this exam IF you believe that App-ID updates can't break some of Security Policy Rules. The training Palo writes spends a great deal of time explaining how it can! Secondly, stop wishfully thinking everything is automatic. Dependencies must be allowed or denied after they are created. The answer here is clearly A and D.

RaimzOptions: AB

I go with A & B

Kane002Options: AD

A and D. For people arguing for B, the wording seems to imply that an admin would have to manually classify new applications via application overrides or custom application signatures, which they do not have to do, this is done automatically, it's the whole point of the content update.