Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 174

What happens to traffic traversing SD-WAN fabric that doesn't match any SD-WAN policies?

Answer options

• A. Traffic is dropped because there is no matching SD-WAN policy to direct traffic.
• B. Traffic matches a catch-all policy that is created through the SD-WAN plugin.
• C. Traffic matches implied policy rules and is redistributed round robin across SD-WAN links.
• D. Traffic is forwarded to the first physical interface participating in SD-WAN based on lowest interface number (i.e., Eth1/1 over Eth1/3).

Correct answer: C

Explanation

The correct answer is C because in the absence of specific policies, traffic is handled by implied rules that distribute it evenly across the available SD-WAN links. Option A is incorrect as traffic is not simply dropped; options B and D do not accurately represent the behavior of traffic under these circumstances.