Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 101
Which data flow direction is protected in a zero-trust firewall deployment that is not protected in a perimeter-only firewall deployment?
Answer options
- A. north-south
- B. inbound
- C. outbound
- D. east-west
Correct answer: D
Explanation
In a zero-trust firewall deployment, the east-west traffic, which refers to data moving laterally within the network, is monitored and controlled to prevent internal threats. Perimeter-only firewalls primarily focus on north-south traffic, which is external to internal, leaving east-west traffic vulnerable. Therefore, the correct answer is D, as it addresses the increased security for internal communications.