nerdexam
Palo_Alto_Networks

PCNSC · Question #38

PCNSC Question #38: Real Exam Question with Answer & Explanation

The correct answer is D. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network- network-profiles/network-network-profiles-monitor A monitor profile is used to monitor IPSec tunnels and to monitor a next-hop device for policy- based forwarding (PBF) rules. In both cases,

Question

A user's traffic traversing a Palo Alto Networks NGFW sometimes can reach How can the firewall be configured automatically disable the PBF rule if the next hop goes down?

Options

  • AConfigure path monitoring for tine next hop gateway on the default route in tin- virtual router.
  • BEnable and configure a Link Monitoring Profile for the external interface of the firewall.
  • CCreate and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  • DCreate and add a Monitor Profile with an action of Fail Over in the PBF rule in question.

Explanation

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network- network-profiles/network-network-profiles-monitor A monitor profile is used to monitor IPSec tunnels and to monitor a next-hop device for policy- based forwarding (PBF) rules. In both cases, the monitor profile is used to specify an action to take when a resource (IPSec tunnel or next-hop device) becomes unavailable. wait-recover - Wait for the tunnel to recover; do not take additional action. Packets will continue to be sent according to the PBF rule. fail-over - Traffic will fail over to a backup path, if one is available. The firewall uses routing table lookup to determine routing for the duration of this session.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PCNSC Practice