Exam PCNSA
Question 241

An administrator would like to override the default deny action for a given application, and instead would like to block the traffic.

Which security policy action causes this?

    Correct Answer: A

    The correct security policy action is 'Drop.' When the administrator wants to block the traffic instead of the default deny action for a given application, setting the policy action to 'Drop' achieves this. The 'Drop' action discards the packets without notifying the sender. While there is an option to enable sending an ICMP Unreachable message, the fundamental action remains 'Drop.' Therefore, the appropriate term is 'Drop,' and not 'Drop, send ICMP Unreachable,' as that is just an additional option to enable.

Discussion
john7809 Option: A

There is no security policy action "Drop, send ICMP Unreachable"; it is only drop.

Viga1991

I agree with you 100%

3osuwa

There is an action like that; here is the information: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/security-policy/security-policy-actions For Layer 3 interfaces, to optionally send an ICMP unreachable response to the client, set Action: Drop and enable the Send ICMP Unreachable check box. When enabled, the firewall sends the ICMP code

DatITGuyTho1337

Technically the action is indeed "Drop", the tick box of the "Send ICMP..." is optional. So yeah, John is correct.

Sly04

If you check the possible values of the actions, it can be: Allow, deny, drop, drop-icmp, RST client, RST server, RST both. So you are not right.

SillyGoose123 Option: A

You can set a drop action to send a type 3 ICMP, but "Drop, send ICMP Unreachable" is not the name of any action. The right answer is A.

adiyahav2007 Option: A

It should be A

cutemomo Option: B

B is the right answer, it's the same as Q.150