Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Palo Alto Networks Exam PCSFE Topic 9 Question 12 Discussion

Actual exam question for Palo Alto Networks's PCSFE exam
Question #: 12
Topic #: 9
[All PCSFE Questions]

Which protocol is used for communicating between VM-Series firewalls and a gateway load balancer in Amazon Web Services (AWS)?

Show Suggested Answer Hide Answer
Suggested Answer: D

App-ID is the component that can provide application-based segmentation and prevent lateral threat movement. Application-based segmentation is a method of dividing the network into smaller segments or zones based on application or workload characteristics, such as function, dependency, owner, or security posture. Lateral threat movement is a technique used by attackers to move across the network from one compromised host to another, looking for sensitive data or assets. App-ID is a feature that identifies and classifies applications and protocols based on their content and characteristics, regardless of port, encryption, or evasion techniques. App-ID can provide application-based segmentation and prevent lateral threat movement by applying granular security policies based on application information to each segment or connection, blocking unauthorized access or data exfiltration. DNS Security, NAT, and URL Filtering are not components that can provide application-based segmentation and prevent lateral threat movement, but they are related features that can enhance security and visibility. Reference:Palo Alto Networks Certified Software Firewall Engineer (PCSFE), [App-ID Overview], [Microsegmentation with Palo Alto Networks], [Lateral Movement]


by Marge at Jan 22, 2024, 12:31 PM

Limited Time Offer

25%

Off

Get Premium PCSFE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Justine
2 months ago
VRLAN? That's not even a real thing. Did they get their networking protocols mixed up with their kitchen appliances?
upvoted 0 times
Ruthann
14 days ago
B) Geneve
upvoted 0 times
...
Helga
18 days ago
No, VRLAN is not a real protocol. It's GRE that is used for communicating between VM-Series firewalls and a gateway load balancer in AWS.
upvoted 0 times
...
Tonja
21 days ago
C) GRE
upvoted 0 times
...
Justine
2 months ago
A) VRLAN
upvoted 0 times
...
...
Gearldine
2 months ago
Ooh, a trick question! I bet it's not even one of those options. AWS loves to keep us on our toes.
upvoted 0 times
Jerlene
Yeah, AWS does like to do things their own way sometimes.
upvoted 0 times
...
Jackie
1 days ago
Maybe it's a custom protocol designed specifically for AWS.
upvoted 0 times
...
Julio
2 days ago
I think it might be a different protocol altogether.
upvoted 0 times
...
Kenneth
3 days ago
D) VMLAN
upvoted 0 times
...
Marta
4 days ago
C) GRE
upvoted 0 times
...
Kanisha
5 days ago
B) Geneve
upvoted 0 times
...
Dante
1 months ago
A) VRLAN
upvoted 0 times
...
...
Melissia
2 months ago
VMLAN? Really? That sounds made up. I'll have to go with Geneve on this one.
upvoted 0 times
...
Mendy
2 months ago
Hmm, I'm not sure. GRE seems like a common tunneling protocol, but I'm not confident it's the right choice here.
upvoted 0 times
...
Ruby
2 months ago
I think the answer is Geneve, since that's the AWS-recommended protocol for connecting VMs to load balancers.
upvoted 0 times
Andra
1 months ago
Yes, you're correct. Geneve is the protocol used for communicating between VM-Series firewalls and a gateway load balancer in AWS.
upvoted 0 times
...
Salley
1 months ago
I believe the answer is Geneve.
upvoted 0 times
...
Kristin
1 months ago
Yes, Geneve is the recommended protocol by AWS for connecting VMs to load balancers.
upvoted 0 times
...
Stevie
2 months ago
I agree, Geneve is the correct answer for communicating between VM-Series firewalls and a gateway load balancer in AWS.
upvoted 0 times
...
...
Janey
3 months ago
I'm not sure, but I think VRLAN could also be a possible option for this scenario.
upvoted 0 times
...
Ozell
3 months ago
I agree with Rose, GRE makes sense for communication between VM-Series firewalls and a gateway load balancer.
upvoted 0 times
...
Rose
3 months ago
I think the answer is C) GRE.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77