Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 193

An administrator would like to see the traffic that matches the intrazone-default rule in the traffic logs.

What is the correct process to enable this logging?

Answer options

• A. Select the intrazone-default rule and click Override; on the Actions tab, select Log at Session End and click OK.
• B. Select the intrazone-default rule and edit the rule; on the Actions tab, select Log at Session End and click OK.
• C. Select the intrazone-default rule and edit the rule; on the Actions tab, select Log at Session Start and click OK.
• D. This rule has traffic logging enabled by default; no further action is required.

Correct answer: A

Explanation

The correct process to enable logging for the intrazone-default rule is to select it and click Override, then choose Log at Session End. Option B is incorrect because it suggests editing rather than overriding. Option C is wrong as it refers to logging at Session Start instead of Session End. Option D is misleading because the administrator needs to enable logging through an action.