Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 55

An administrator would like to silently drop traffic from the internet to a ftp server.
Which Security policy action should the administrator select?

Answer options

• A. Drop
• B. Deny
• C. Block
• D. Reset-server

Correct answer: A

Explanation

The correct answer is 'Drop' because it allows the traffic to be discarded without sending any notification back to the sender, effectively silencing the drop. Options 'Deny' and 'Block' may imply sending a response or notification, which is not desired in this scenario. 'Reset-server' is used to terminate a connection rather than drop incoming traffic.