Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 87

An administrator has configured a Security policy where the matching condition includes a single application, and the action is drop.
If the application's default deny action is reset-both, what action does the firewall take?

Answer options

• A. It silently drops the traffic.
• B. It silently drops the traffic and sends an ICMP unreachable code.
• C. It sends a TCP reset to the server-side device.
• D. It sends a TCP reset to the client-side and server-side devices.

Correct answer: A

Explanation

The correct answer is A because a drop action means the traffic is simply discarded without any notification. Options B, C, and D all involve sending resets or ICMP messages, which do not align with a drop action under the given policy.