Examice

Exam PCNSE All QuestionsBrowse all questions from this exam

Question 273

An administrator is building Security rules within a device group to block traffic to and from malicious locations. How should those rules be configured to ensure that they are evaluated with a high priority?

Create the appropriate rules with a Block action and apply them at the top of the local firewall Security rules

Create the appropriate rules with a Block action and apply them at the top of the Security Pre-Rules

Create the appropriate rules with a Block action and apply them at the top of the Security Post-Rules

Create the appropriate rules with a Block action and apply them at the top of the Default Rules

Correct Answer: B

To ensure that security rules are evaluated with a high priority, they should be placed at the top of the Security Pre-Rules. Pre-Rules are evaluated before any other rules, including local firewall rules, post-rules, and default rules. This means that malicious traffic will be blocked as early as possible, providing an effective layer of security.

Discussion

TAKUM1yOption: B

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/panorama-web-interface/defining-policies-on-panorama

mysteryzjokerOption: B

B - pre rules are evaluated first, then local, then post and the default rules are at the bottom

Sammy3637Option: B

Pre Rules come first always !

confusionOption: B

B, rule evaluation order is: Pre/Local/Post/Default