Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 272

An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released.
Which object should the administrator use as a match condition in the Security policy?

Answer options

• A. the Online Storage and Backup URL category
• B. the Content Delivery Networks URL category
• C. an application group containing all of the file-sharing App-IDs reported in the traffic logs
• D. an application filter for applications whose subcategory is file-sharing

Correct answer: D

Explanation

The correct answer is D because an application filter allows for dynamic updates based on the subcategory of applications, which in this case is file-sharing. Options A and B refer to URL categories that do not specifically target file-sharing applications, while option C requires manual updates to the application group as new App-IDs are released.