Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 223
An internal system is not functioning. The firewall administrator has determined that the incorrect egress interface is being used. After looking at the configuration, the administrator believes that the firewall is not using a static route.
What are two reasons why the firewall might not use a static route? (Choose two.)
Answer options
- A. duplicate static route
- B. no install on the route
- C. disabling of the static route
- D. path monitoring on the static route
Correct answer: B, D
Explanation
The correct answer includes 'no install on the route,' which indicates that the static route hasn't been properly installed in the routing table, preventing its use. 'Path monitoring on the static route' can also cause the firewall to ignore the static route if the monitored path fails. The other options, such as a duplicate static route or disabling the route, do not necessarily prevent the static route from being used under normal circumstances.