Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 375
An administrator should filter NGFW traffic logs by which attribute column to determine if the entry is for the start or end of the session?
Answer options
- A. Source
- B. Type
- C. Receive Time
- D. Destination
Correct answer: B
Explanation
The correct answer is B, as the 'Type' column in NGFW traffic logs indicates whether the log entry is for the start or end of a session. The other options, while relevant in different contexts, do not specifically denote the session state in the logs.