NGFW-ENGINEER · Question #12
NGFW-ENGINEER Question #12: Real Exam Question with Answer & Explanation
The correct answer is B: Local firewall rules are evaluated after Panorama pre-rules and before Panorama post-rules.. Local firewall rules are evaluated after Panorama pre-rules (those applied before the firewall's local policies) and before Panorama post-rules (those applied after the firewall's local policies). This ensures that the local firewall rules do not override the central Panorama pol
Question
Which statement applies to the relationship between Panorama-pushed Security policy and local firewall Security policy?
Options
- AWhen a policy match is found in a local firewall policy, if any Panorama shared post-rule is
- BLocal firewall rules are evaluated after Panorama pre-rules and before Panorama post-rules.
- CPanorama post-rules can be configured to be evaluated before local firewall policy for the
- DThe order of policy evaluation can be configured differently in different device groups.
Explanation
Local firewall rules are evaluated after Panorama pre-rules (those applied before the firewall's local policies) and before Panorama post-rules (those applied after the firewall's local policies). This ensures that the local firewall rules do not override the central Panorama policy and are only applied in the appropriate order within the policy evaluation sequence.
Topics
Community Discussion
No community discussion yet for this question.