A firewall administrator has completed most of the steps required to provision a standalone Palo Alto Networks Next-Generation Firewall. As a final step, the administrator wants to test one of the security policies.
Which CLI command syntax will display the rule that matches the test?
A . test security -policy- match source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number
B . show security rule source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number>
C . test security rule source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number>
D . show security-policy-match source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number>
test security-policy-match source
Answer: A
Explanation:
test security-policy-match source <source IP> destination <destination IP> protocol <protocol number>
https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Test-Which-Security-Policy-Applies-to-a-Traffic-Flow/ta-p/53693
Leave a Reply