Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 181

An administrator is troubleshooting traffic that should match the interzone-default rule. However, the administrator doesn't see this traffic in the traffic logs on the firewall. The interzone-default was never changed from its default configuration.
Why doesn't the administrator see the traffic?

Answer options

• A. The interzone-default policy is disabled by default.
• B. Traffic is being denied on the interzone-default policy.
• C. Logging on the interzone-default policy is disabled.
• D. The Log Forwarding profile is not configured on the policy.

Correct answer: C

Explanation

The correct answer is C because logging needs to be explicitly enabled on the interzone-default policy for the traffic to be recorded in the logs. Options A and B are incorrect as the policy is not disabled by default, and it does not deny traffic by default. Option D is also incorrect because the Log Forwarding profile configuration is unrelated to the logging status of the policy itself.