PCNSE Question #245: Real Exam Question with Answer & Explanation

The correct answer is A: after the application has been identified. In PAN-OS packet processing, App-ID identifies the application first. Only after the application is identified can Content-ID perform content inspection (such as threat scanning, URL filtering, and file blocking), because the type and context of content inspection depend on what

Submitted by daniela_cl· Apr 18, 2026Core Concepts

Question

When is the content inspection performed in the packet flow process?

Options

Aafter the application has been identified
Bbefore session lookup
Cbefore the packet forwarding process
Dafter the SSL Proxy re-encrypts the packet

Explanation

In PAN-OS packet processing, App-ID identifies the application first. Only after the application is identified can Content-ID perform content inspection (such as threat scanning, URL filtering, and file blocking), because the type and context of content inspection depend on what application is running. Content inspection cannot precede application identification since the inspection profiles are matched based on the identified application.

Topics

#Packet flow#Content inspection#App-ID#Security processing

Community Discussion

No community discussion yet for this question.

Full PCNSE Practice Browse All PCNSE Questions