Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 36

An administrator encountered problems with inbound decryption. Which option should the administrator investigate as part of triage?

Answer options

• A. Security policy rule allowing SSL to the target server
• B. Firewall connectivity to a CRL
• C. Root certificate imported into the firewall with ג€Trustג€ enabled
• D. Importation of a certificate from an HSM

Correct answer: A

Explanation

The correct answer is A because if the security policy does not permit SSL to the target server, inbound decryption will fail. Options B, C, and D relate to other aspects of certificate and connectivity issues but do not directly address the decryption of inbound traffic.