BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCNSA Topic 1 Question 74 Discussion

Actual exam question for Palo Alto Networks's PCNSA exam
Question #: 74
Topic #: 1
[All PCNSA Questions]

An administrator should filter NGFW traffic logs by which attribute column to determine if the entry is for the start or end of the session?

Show Suggested Answer Hide Answer
Suggested Answer: B

The Type attribute column in the NGFW traffic logs indicates whether the log entry is for the start or end of the session. The possible values are START, END, DROP, DENY, and INVALID. The START value means that the log entry is for the start of the session, and the END value means that the log entry is for the end of the session.The other values indicate that the session was terminated by the firewall for various reasons12.Reference:Traffic Log Fields,Session Log Best Practices


by Nikita at Sep 15, 2024, 03:51 PM

Limited Time Offer

25%

Off

Get Premium PCNSA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
My
12 days ago
Hmm, this is a tough one. But I bet the answer involves a 'Start' and 'Stop' designation, not just the columns themselves.
upvoted 0 times
...
Malika
13 days ago
I'm going with A) Receive Time. The timestamp should show when the session started and ended.
upvoted 0 times
Glendora
4 hours ago
I agree, A) Receive Time is the best attribute to filter by for session start and end.
upvoted 0 times
...
...
Evan
26 days ago
You know, I was just thinking - if the admin can't figure this out, they might as well throw in the NGFW and go back to carrier pigeons.
upvoted 0 times
...
Leanora
27 days ago
D) Source seems more logical to me. The source IP address would indicate the start or end of a session.
upvoted 0 times
...
Muriel
1 months ago
I think the answer is B) Type. The traffic logs should have a column that indicates whether the entry is for the start or end of a session.
upvoted 0 times
Nieves
13 days ago
C) Destination
upvoted 0 times
...
Marta
14 days ago
B) Type
upvoted 0 times
...
Malcolm
15 days ago
I'm not sure, but I think it's B) Type.
upvoted 0 times
...
Melinda
16 days ago
I agree, it could be D) Source.
upvoted 0 times
...
Justine
18 days ago
I think it might be C) Destination.
upvoted 0 times
...
Isabelle
21 days ago
I believe the answer is A) Receive Time.
upvoted 0 times
...
Lindsey
1 months ago
A) Receive Time
upvoted 0 times
...
...
Jacki
1 months ago
I think filtering by Source would be the best option because it will show where the session originated from.
upvoted 0 times
...
Merilyn
2 months ago
I disagree, I believe filtering by Type would be more accurate in this case.
upvoted 0 times
...
Hollis
2 months ago
I think we should filter by Receive Time to determine the start or end of the session.
upvoted 0 times
...

Save Cancel