PCNSE Question #283: Real Exam Question with Answer & Explanation
The correct answer is C: Decryption.
Question
Which logs enable a firewall administrator to determine whether a session was decrypted?
Options
- A. Traffic
- B. Security Policy
- C. Decryption
- D. Correlated Event
Explanation
Decryption logs (introduced in PAN-OS 8.1+) are specifically designed to record details about SSL/TLS inspection decisions. Each log entry shows whether a session was decrypted or not, the policy rule that applied, the reason for decryption or exemption, certificate details, and the TLS version/cipher used. Traffic logs record session flow information (source, destination, bytes, application) but do not provide granular decryption status details. Security Policy logs show policy matches. Correlated Event logs are threat intelligence correlation events, unrelated to decryption status.