PCNSA Question #2: Real Exam Question with Answer & Explanation

Question

Which two statements are correct about App-ID content updates? (Choose two.)

Options

• AUpdated application content may change how security policy rules are enforced
• BAfter an application content update, new applications must be manually classified prior to use
• CExisting security policy rules are not affected by application content updates
• DAfter an application content update, new applications are automatically identified and classified

Explanation

App-ID content updates from Palo Alto Networks can introduce new application signatures or modify existing ones, which means your existing security policy rules may start matching traffic differently - making A correct. When new applications are added via a content update, the firewall automatically identifies and classifies them using the updated App-ID signatures without any manual intervention, making D correct.

B is wrong because manual classification is not required after a content update - App-ID handles identification automatically as soon as the update is applied. C is wrong because it directly contradicts A: existing rules can be affected if an updated signature changes how previously-classified traffic is matched, potentially shifting traffic into a different application category.

Memory tip: Think of App-ID updates like a browser updating its site database - your existing bookmarks (rules) might now point somewhere slightly different, and new sites (apps) are recognized automatically without you having to manually add them.

No community discussion yet for this question.