Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 140

What are the differences between using a service versus using an application for Security Policy match?

Answer options

• A. Use of a ג€serviceג€ enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an ג€applicationג€ allows the firewall to take immediate action if the port being used is a member of the application standard port list.
• B. There are no differences between ג€serviceג€ or ג€applicationג€. Use of an ג€applicationג€ simplifies configuration by allowing use of a friendly application name instead of port numbers.
• C. Use of a ג€serviceג€ enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an ג€applicationג€ allows the firewall to take action after enough packets allow for App-ID identification regardless of the ports being used
• D. Use of a ג€serviceג€ enables the firewall to take action after enough packets allow for App-ID identification

Correct answer: C

Explanation

The correct answer is C because it accurately describes how a 'service' works with immediate action based on port numbers, while an 'application' requires multiple packets for App-ID identification. Option A is incorrect as it misrepresents the application behavior, and options B and D incorrectly state that there are no differences or mischaracterize the action taken with services.