Palo Alto Networks NGFW Engineer — Question 81

An NGFW engineer is configuring multiple Layer 2 interfaces on a Palo Alto Networks firewall, and all interfaces must be assigned to the same VLAN. During initial testing, it is reported that clients located behind the various interfaces cannot communicate with each other.
Which action taken by the engineer will resolve this issue?

Answer options

• A. Configure each interface to belong to the same Layer 2 zone and enable IP routing between them.
• B. Assign each interface to the appropriate Layer 2 zone and configure a policy that allows traffic within the VLAN.
• C. Assign each interface to the appropriate Layer 2 zone and configure Security policies for interfaces not assigned to the same zone.
• D. Enable IP routing between the interfaces and configure a Security policy to allow traffic between interfaces within the VLAN.

Correct answer: C

Explanation

The correct answer is C because assigning each interface to the appropriate Layer 2 zone and configuring Security policies allows for traffic control between interfaces in different zones. Options A and D incorrectly suggest enabling IP routing, which is not applicable for Layer 2 interfaces, while option B does not address the need for Security policies between different zones.