Palo Alto Networks SSE Engineer — Question 22

An engineer deploys a new branch connected to Prisma Access. From the customer premises equipment (CPE) device at the branch, Phase 1 on the tunnel is established, but Phase 2-encrypted packets are not coming back from Prisma Access.
Which Strata Logging Service log facility should the engineer review to determine why Phase 2-encrypted traffic is not being received?

Answer options

• A. Decrypt logs
• B. System logs
• C. Traffic logs
• D. Tunnel logs

Correct answer: B

Explanation

The correct answer is B, System logs, as they provide critical information about the overall state of the system, including any errors or issues that may affect traffic flow. Decrypt logs (A) focus on the decryption process, Traffic logs (C) record data about traffic but may not indicate tunnel-specific issues, and Tunnel logs (D) detail tunnel operations but may not cover system-level problems impacting Phase 2 traffic.