Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 47

An administrator creates a custom application containing Layer 7 signatures. The latest application and threat dynamic update is downloaded to the same NGFW.
The update contains an application that matches the same traffic signatures as the custom application.
Which application should be used to identify traffic traversing the NGFW?

Answer options

• A. Custom application
• B. System logs show an application error and neither signature is used.
• C. Downloaded application
• D. Custom and downloaded application signature files are merged and both are used

Correct answer: A

Explanation

The correct answer is A, as custom applications take precedence over downloaded applications when they match the same traffic signatures. The other options either indicate a failure in the system (B), suggest the downloaded application should be used instead (C), or imply a merging process that does not occur (D).