Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PCNSE Topic 6 Question 76 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks Certified Security Engineer PAN-OS 11.0 exam
Question #: 76
Topic #: 6
[All Palo Alto Networks Certified Security Engineer PAN-OS 11.0 Questions]

A firewall engineer creates a destination static NAT rule to allow traffic from the internet to a webserver hosted behind the edge firewall. The pre-NAT IP address of the server is 153.6 12.10, and the post-NAT IP address is 192.168.10.10. Refer to the routing and interfaces information below.

What should the NAT rule destination zone be set to?

Show Suggested Answer Hide Answer

Contribute your Thoughts:

Nidia
6 months ago
Yup, C) DMZ is the correct answer. I mean, it's not like we're going to put the webserver in the 'None' zone, right? That would just be silly.
upvoted 0 times
...
Jaleesa
6 months ago
Absolutely, the DMZ zone is the way to go here. That's the whole point of having a DMZ - to isolate public-facing servers like the webserver from the internal network.
upvoted 0 times
...
Mariko
6 months ago
I agree, the webserver is in the DMZ zone. So the NAT rule destination zone should be set to 'DMZ' to allow traffic from the internet to reach the webserver.
upvoted 0 times
...
Ernestine
6 months ago
Hmm, this is an interesting question. The pre-NAT IP address of the server is 153.6.12.10, and the post-NAT IP address is 192.168.10.10. Based on the routing and interfaces information provided, it looks like the webserver is hosted in the DMZ zone.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77