Examice

Exam PCNSA All QuestionsBrowse all questions from this exam

Question 280

An administrator configured a Security policy rule with an Antivirus Security profile. The administrator did not change the action for the profile.

If a virus gets detected, how will the firewall handle the traffic?

It allows the traffic but generates an entry in the Threat logs.

It drops the traffic because the profile was not set to explicitly allow the traffic.

It allows the traffic because the profile was not set the explicitly deny the traffic.

It uses the default action assigned to the virus signature.

Correct Answer: D

When an administrator configures a Security policy rule with an Antivirus Security profile and does not change the action for the profile, the firewall will handle the traffic based on the default action assigned to the virus signature. Each threat and Antivirus signature defined by Palo Alto Networks has a specified default action, which is typically an alert or a reset-both. Therefore, if a virus gets detected, the firewall will follow the predefined default action for that specific signature.

Discussion

DlaEdu_ExOption: D

D is correct "Default—For each threat signature and Antivirus signature that is defined by Palo Alto Networks, a default action is specified internally. Typically, the default action is an alert or a reset-both. " https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/security-profiles

Adeolu007Option: D

D. Security profiles have their own actions