Palo Alto Networks Network Security Generalist — Question 7

What is the main security benefit of adding a CN-Series firewall to an existing VM-Series firewall deployment when the customer is using containers?

Answer options

• A. It provides perimeter threat detection and inspection outside the container itself.
• B. It prevents lateral threat movement within the container itself.
• C. It monitors and logs traffic outside the container itself.
• D. It enables core zone segmentation within the container itself.

Correct answer: B

Explanation

The correct answer, B, highlights that the CN-Series firewall is specifically designed to prevent threats from moving laterally within the container environment, ensuring better security for applications. Option A is incorrect as it refers to perimeter security, which is not the main benefit in this context. Options C and D do not address the lateral movement of threats, making them less relevant to the primary security advantage being asked.