PCNSE Question #617: Real Exam Question with Answer & Explanation

The correct answer is A: All traffic from source network 192.168.100.0/24 is sent to an external syslog target.. This question requires interpreting the effects of a hypothetical Log Forwarding Profile, indicating specific forwarding rules based on source network and destination.

Submitted by saadiq_pk· Apr 18, 2026Deploy and Configure

Question

Given the Sample Log Forwarding Profile shown, which two statements are true? (Choose two.)

Options

AAll traffic from source network 192.168.100.0/24 is sent to an external syslog target.
BAll threats are logged to Panorama.
CAll traffic logs from RFC 1918 subnets are logged to Panorama / Cortex Data Lake.
DAll traffic from source network 172.12.0.0/24 is sent to Panorama / Cortex Data Lake.

Explanation

This question requires interpreting the effects of a hypothetical Log Forwarding Profile, indicating specific forwarding rules based on source network and destination.

Common mistakes.

B. The profile does not necessarily specify that all threats are logged to Panorama; it might have specific rules for certain threat types or destinations, or for only specific threat severities.
D. The IP range 172.12.0.0/24 is not an RFC 1918 private IP subnet; therefore, traffic from this network would not be covered by the rule forwarding RFC 1918 traffic to Panorama / Cortex Data Lake.

Concept tested. Log forwarding profile interpretation

Reference. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/monitoring/configure-log-forwarding.html

Topics

#Log Forwarding Profile#Syslog#Panorama#RFC 1918

Community Discussion

No community discussion yet for this question.

Full PCNSE Practice Browse All PCNSE Questions