Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Palo Alto Networks Exam SSE-Engineer Topic 2 Question 2 Discussion

Actual exam question for Palo Alto Networks's SSE-Engineer exam
Question #: 2
Topic #: 2
[All SSE-Engineer Questions]

A user connected to Prisma Access reports that traffic intermittently is denied after matching a Catch-All Deny rule at the bottom and bypassing HIP-based policies. Refreshing VPN connection restores the access.

What are two reasons for this behavior? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C

User mapping learned from sources other than gateway authentication can cause intermittent access issues if it conflicts with the expected user identity used in HIP-based policies. If the firewall is associating the user with an outdated or incorrect mapping, traffic may not match the intended security policies, leading to denials by the Catch-All Deny rule.

If the firewall loses user mapping due to missed HIP report checks, the user may temporarily lose access to policies that require a valid Host Information Profile (HIP) match. When the VPN connection is refreshed, the HIP check is re-initiated, restoring access until the issue repeats.


by Pete at May 03, 2025, 11:03 PM

Limited Time Offer

25%

Off

Get Premium SSE-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Raina
1 days ago
Ooh, this is a tricky one. I'm going to go with B and C. User mapping from other sources and the firewall losing the mapping? That's gotta be it. Although, I have to say, these Prisma Access questions are getting more confusing by the minute.
upvoted 0 times
...
Elizabeth
4 days ago
I agree with Lacresha, but I also think C) Firewall loses user mapping due to missed HIP report checks.
upvoted 0 times
...
Lacresha
5 days ago
I think the reason could be A) 'Collect HIP data' needs to be enabled.
upvoted 0 times
...
Viola
11 days ago
I'm going with C and D. Losing the user mapping and having a time-limited HIP policy? Sounds like a recipe for frustration. I bet the person reporting this issue is ready to throw their laptop out the window.
upvoted 0 times
Stanford
4 days ago
Refreshing the VPN connection seems to be a temporary fix for now.
upvoted 0 times
...
Iola
8 days ago
Yeah, losing user mapping and having a time-limited policy can definitely cause frustration.
upvoted 0 times
...
Gregoria
9 days ago
I think C and D are the reasons for the issue.
upvoted 0 times
...
...
Salley
1 months ago
I'm leaning towards B and C. User mapping learned from other sources could be causing the problem, and the missed HIP checks definitely sound like a culprit. This is giving me a headache just thinking about it.
upvoted 0 times
...
Willodean
1 months ago
Hmm, I think it's gotta be C and D. If the firewall loses the user mapping due to missed HIP checks, and the HIP-enforced policy is only active during certain hours, that would explain the intermittent access issues.
upvoted 0 times
Janey
2 days ago
D) HIP-enforced policy is scheduled for certain hours of the day.
upvoted 0 times
...
Wayne
6 days ago
C) Firewall loses user mapping due to missed HIP report checks.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77