Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PSE-Platform Topic 1 Question 56 Discussion

Actual exam question for Palo Alto Networks's PSE-Platform exam
Question #: 56
Topic #: 1
[All PSE-Platform Questions]

What is a best practice when configuring a security policy to completely block a specific application?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Dacia
6 months ago
Yes, that's true. The rationale behind this is that setting the service to application-default blocks all unknown applications
upvoted 0 times
...
Albina
6 months ago
But wouldn't setting the service to application-default block the specific application completely?
upvoted 0 times
...
Serita
6 months ago
I personally think configuring a file blocking security profile on the Actions tab is more effective
upvoted 0 times
...
Dacia
6 months ago
I agree with Albina, setting the service to application-default is the way to go
upvoted 0 times
...
Albina
7 months ago
I think the best practice is to set the service to application-default
upvoted 0 times
...
Brandon
7 months ago
I think option A, setting the service to any, is the most effective way to block a specific application
upvoted 0 times
...
Tammara
7 months ago
I prefer manually specifying a port/service on the Service/URL. Category tab
upvoted 0 times
...
Gladys
7 months ago
I agree, setting the service to application-default is also a good option
upvoted 0 times
...
Jose
7 months ago
I think the best practice is to configure a file blocking security profile
upvoted 0 times
...
Sena
8 months ago
That's a good point, but I'm not sure I'd want to go that route. Manually configuring everything feels like it could be a bit of a hassle, especially if you have a lot of applications to block. Plus, what if you miss something? Option B just seems more foolproof.
upvoted 0 times
...
Melodie
8 months ago
You know, I was also considering option D, manually specifying the port or service. That way, you could be really granular in your control and only block the exact traffic you need to.
upvoted 0 times
...
Laticia
8 months ago
I agree with you, option B does seem like the most reliable choice. Blocking at the file level would ensure that the application is completely prevented from running, rather than just blocking the associated service or port.
upvoted 0 times
Viva
7 months ago
I agree, blocking at the file level with a security profile seems like the best practice in this scenario.
upvoted 0 times
...
Ivory
8 months ago
Option B does sound like a solid solution to completely block a specific application.
upvoted 0 times
...
Shonda
8 months ago
Manually specifying a port/service on the Service/URL. Category tab may not be as effective as configuring a file blocking security profile.
upvoted 0 times
...
Rasheeda
8 months ago
Setting the service to application-default on the Service/URL. Category tab could also be a good choice.
upvoted 0 times
...
Tanja
8 months ago
I think configuring a file blocking security profile on the Actions tab is the way to go.
upvoted 0 times
...
Barrett
8 months ago
Option B does seem like the most reliable choice. Blocking at the file level would ensure that the application is completely prevented from running.
upvoted 0 times
...
...
Nilsa
8 months ago
Hmm, this question seems a bit tricky. I'm not entirely sure about the best approach here, but I'm leaning towards option B. Configuring a file blocking security profile seems like it would be the most comprehensive way to block a specific application.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77