Palo Alto Networks System Engineer – Strata — Question 81

Which decryption requirement ensures that inspection can be provided to all inbound traffic routed to internal application and database servers?

Answer options

• A. Installation of certificates from the application server and database server on the NGFW and configuration of an SSL Inbound Decryption policy
• B. Installation of a trusted root CA certificate on the NGFW and configuration of an SSL Inbound Decryption policy
• C. Configuration of an SSL Inbound Decryption policy using one of the built-in certificates included in the certificate store
• D. Configuration of an SSL Inbound Decryption policy without installing certificates

Correct answer: A

Explanation

The correct answer is A because it specifies the need for certificates from both the application and database servers, which is essential for proper decryption and inspection of the traffic. Options B, C, and D do not adequately address the requirement for installation of specific certificates needed for effective inbound decryption.