Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 263

An administrator is required to create an application-based Security policy rule to allow Evernote. The Evernote application implicitly uses SSL and web browsing.
What is the minimum the administrator needs to configure in the Security rule to allow only Evernote?

Answer options

• A. Create an Application Override using TCP ports 443 and 80.
• B. Add the HTPP, SSL, and Evernote applications to the same Security policy.
• C. Add the Evernote application to the Security policy rule, then add a second Security policy rule containing both HTTP and SSL.
• D. Add only the Evernote application to the Security policy rule.

Correct answer: D

Explanation

The correct answer is D because adding just the Evernote application to the Security policy rule is the most straightforward way to ensure that only Evernote traffic is allowed. The other options involve adding unnecessary components or additional rules that could allow traffic from other applications, which is not required to meet the objective.