Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Palo Alto Networks Exam PSE-SoftwareFirewall Topic 4 Question 22 Discussion

Actual exam question for Palo Alto Networks's PSE-SoftwareFirewall exam
Question #: 22
Topic #: 4
[All PSE-SoftwareFirewall Questions]

Why are VM-Series firewalls and hardware firewalls that are external to the Kubernetes cluster problematic for protecting containerized workloads?

Show Suggested Answer Hide Answer
Suggested Answer: B

Visibility into application-level cluster traffic:

VM-Series firewalls and hardware firewalls that are external to the Kubernetes cluster lack the necessary visibility into the traffic and communications occurring at the application level within the cluster. This limitation impedes their ability to effectively protect containerized workloads.


Palo Alto Networks Kubernetes Security Guide

by Shaniqua at Mar 20, 2025, 10:20 AM

Limited Time Offer

25%

Off

Get Premium PSE-SoftwareFirewall Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Shannon
22 days ago
I think the main problem is that they function differently based on their location inside or outside the cluster.
upvoted 0 times
...
Jean
23 days ago
I believe the issue is that they do not scale independently of the Kubernetes cluster.
upvoted 0 times
...
Theron
1 months ago
I agree with Ilene, external firewalls have no visibility into application-level cluster traffic.
upvoted 0 times
...
Dulce
1 months ago
B definitely makes the most sense. You can't protect what you can't see, and those external firewalls are basically blind to the inner workings of the cluster.
upvoted 0 times
...
Dalene
1 months ago
I'd go with D. Those firewalls don't scale independently, so they can't keep up with the dynamic nature of Kubernetes. Imagine trying to wrestle a tiger with a leash, that's what it must feel like.
upvoted 0 times
Leana
2 days ago
B) They are located outside the cluster and have no visibility into application-level cluster traffic.
upvoted 0 times
...
Della
4 days ago
A) They function differently based on whether they are located inside or outside of the cluster.
upvoted 0 times
...
...
Ilene
1 months ago
I think VM-Series firewalls and external hardware firewalls are problematic for protecting containerized workloads because they are located outside the cluster.
upvoted 0 times
...
Val
1 months ago
Option B sounds right to me. External firewalls have no idea what's happening inside the Kubernetes cluster, so they can't really protect those containerized workloads effectively.
upvoted 0 times
Emile
15 days ago
Option B sounds right. External firewalls can't see what's going on inside the cluster.
upvoted 0 times
...
Flo
27 days ago
B) They are located outside the cluster and have no visibility into application-level cluster traffic.
upvoted 0 times
...
Venita
28 days ago
A) They function differently based on whether they are located inside or outside of the cluster.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77