nerdexam
Palo_Alto_Networks

NETSEC-GENERALIST · Question #70

Which tool will help refine a security rule by specifying the applications it has viewed in past weeks?

The correct answer is D. Policy Optimizer. Policy Optimizer (D) is purpose-built for this task. It analyzes traffic logs to identify which applications have actually been seen matching a given security rule over a configurable historical window (e.g., the past 30 days). It then presents recommendations to convert port-bas

Security Policy Management and Optimization

Question

Which tool will help refine a security rule by specifying the applications it has viewed in past weeks?

Options

  • ASecurity Lifecycle Review (SLR)
  • BCustom Reporting
  • CAutonomous Digital Experience Management (ADEM)
  • DPolicy Optimizer

How the community answered

(39 responses)
  • B
    3% (1)
  • C
    5% (2)
  • D
    92% (36)

Explanation

Policy Optimizer (D) is purpose-built for this task. It analyzes traffic logs to identify which applications have actually been seen matching a given security rule over a configurable historical window (e.g., the past 30 days). It then presents recommendations to convert port-based rules into App-ID-based rules or to tighten existing App-ID rules, directly improving security posture. Security Lifecycle Review (SLR) (A) is a broader assessment tool used during customer engagements to evaluate overall security posture, not for per-rule application refinement. Custom Reporting (B) can surface application data but does not interactively guide rule refinement. ADEM (C) - Autonomous Digital Experience Management - monitors end-user experience and network path quality, unrelated to policy optimization.

Topics

#Policy Optimization#Firewall Management#Application-ID#Security Rules

Community Discussion

No community discussion yet for this question.

Full NETSEC-GENERALIST Practice