Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 21
An administrator has created an SSL Decryption policy rule that decrypts SSL sessions on any port.
Which log entry can the administrator use to verify that sessions are being decrypted?
Answer options
- A. In the details of the Traffic log entries
- B. Decryption log
- C. Data Filtering log
- D. In the details of the Threat log entries
Correct answer: A
Explanation
The correct answer is A because the Traffic log provides detailed entries on the traffic that has been processed, including decrypted sessions. The Decryption log (B) contains information about the decryption process itself but does not show session details, while the Data Filtering log (C) and Threat log (D) focus on different aspects of network activity and do not pertain to SSL session decryption.