Palo Alto Networks Network Security Analyst — Question 14

A firewall administrator is creating an application override rule to bypass Layer 7 inspection for a pre-defined application.
What is the expected behavior for Content-ID checks for this application?

Answer options

• A. DNS Security will have degraded performance for advanced features.
• B. WildFire will only use inline-ML checks instead of sending items to WildFire Cloud.
• C. No additional security checks will occur due to there being only Layer 4 handling.
• D. Threat inspection will occur if the pre-defined application supports threat inspection.

Correct answer: C

Explanation

The correct answer is C because when an application override rule is applied, only Layer 4 processing is performed, resulting in no additional security checks from Content-ID. Options A, B, and D are incorrect as they discuss other features or conditions not relevant to the bypassing of Layer 7 inspection.