Palo Alto Networks Exam NetSec-Generalist Topic 3 Question 5 Discussion

Actual exam question for Palo Alto Networks's NetSec-Generalist exam

Question #: 5
Topic #: 3

A firewall administrator wants to segment the network traffic and prevent noncritical assets from being able to access critical assets on the network.

Which action should the administrator take to ensure the critical assets are in a separate zone from the noncritical assets?

ACreate a deny Security policy with 'any' set for both the source and destination zones.

BCreate an allow Security policy with 'any' set for both the source and destination zones.

CLogically separate physical and virtual interfaces to control the traffic that passes across the interface.

DAssign a single interface to multiple security zones.

Show Suggested Answer

Suggested Answer: C

by Joanne at Feb 06, 2025, 03:34 PM

Limited Time Offer

25%

Off

Get Premium NetSec-Generalist Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Emilio

7 days ago

But wouldn't assigning a single interface to multiple security zones also help in segmenting the network traffic effectively?

upvoted 0 times

...

Nancey

14 days ago

I disagree, I believe logically separating physical and virtual interfaces to control the traffic would be more effective.

upvoted 0 times

...

Emilio

16 days ago

I think the administrator should create a deny Security policy with 'any' set for both the source and destination zones.

upvoted 0 times

...