Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 277

An administrator is reviewing packet captures to troubleshoot a problem with an application, and they observe TCP resets to the client and the server.

Which security policy action causes this?

Answer options

• A. Drop
• B. Reset server
• C. Reset client
• D. Reset both

Correct answer: D

Explanation

The correct answer is 'Reset both' because this action indicates that the security policy is configured to terminate connections from both the client and server sides. The other options only reset one side of the connection, which would not result in TCP resets being observed for both parties.