Palo Alto Networks System Engineer – Strata — Question 41

Which two features are found in Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)

Answer options

• A. Policy match is based on application
• B. Traffic control is based on IP, port, and protocol
• C. Traffic is separated by zones
• D. Identification of application is possible on any port

Correct answer: A, D

Explanation

The correct answers, A and D, highlight advanced features of Palo Alto Networks NGFW, such as application-based policy matching and the ability to identify applications regardless of the port used. In contrast, options B and C describe capabilities typical of legacy firewalls that do not include application awareness.