Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 83

Assume that traffic matches a Security policy rule but the attached Security Profiles is configured to block matching traffic.
Which statement accurately describes how the firewall will apply an action to matching traffic?

Answer options

• A. If it is a block rule, then Security Profile action is applied last.
• B. If it is an allow rule, then the Security policy rule is applied last.
• C. If it is a block rule, then the Security policy rule action is applied last.
• D. If it is an allowed rule, then the Security Profile action is applied last.

Correct answer: D

Explanation

The correct answer is D because when a traffic flow is allowed, the Security Profile's action takes precedence and is evaluated last. Options A, B, and C are incorrect as they misrepresent the order of evaluation between the Security policy rule and Security Profile actions.