Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 540

An administrator needs to evaluate a recent policy change that was committed and pushed to a firewall device group. How should the administrator identify the configuration changes?

Answer options

• A. review the configuration logs on the Monitor tab
• B. use Test Policy Match to review the policies in Panorama
• C. context-switch to the affected firewall and use the configuration audit tool
• D. click Preview Changes under Push Scope

Correct answer: A

Explanation

The correct answer is A because reviewing the configuration logs on the Monitor tab allows the administrator to see detailed records of all changes made. Options B and C do not provide a direct view of the changes made to the configuration, while D is related to seeing potential changes before they are pushed, not evaluating those that have already been applied.