PCNSE Question #242: Real Exam Question with Answer & Explanation

The correct answer is A: Create a custom application.. When the firewall cannot classify traffic and labels it 'unknown-tcp', there are two paths to resolve it: (A) Create a custom application - the administrator writes their own App-ID signature using known patterns (ports, payloads, behaviors) to identify the application; and (C) S

Submitted by skyler.x· Apr 18, 2026Configuration Troubleshooting

Question

The firewall identifies a popular application as an unknown-tcp. Which two options are available to identify the application? (Choose two.)

Options

ACreate a custom application.
BCreate a custom object for the custom application server to identify the custom application.
CSubmit an Apple-ID request to Palo Alto Networks.
DCreate a Security policy to identify the custom application.

Explanation

When the firewall cannot classify traffic and labels it 'unknown-tcp', there are two paths to resolve it: (A) Create a custom application - the administrator writes their own App-ID signature using known patterns (ports, payloads, behaviors) to identify the application; and (C) Submit an App-ID request to Palo Alto Networks - if the application is popular and broadly used, PAN's threat intelligence team can develop an official App-ID signature and release it in a content update. Option B (custom object for server) is not a standard identification mechanism. Option D (Security policy rule) acts on traffic after identification but cannot itself perform application identification.

Topics

#App-ID#Custom Applications#Application Identification#Troubleshooting

Community Discussion

No community discussion yet for this question.

Full PCNSE Practice Browse All PCNSE Questions