Learn how to configure email log forwarding in Palo Alto Networks devices for changes in decryption rules.
Table of Contents
Question
A root cause analysis investigation into a recent security incident reveals that several decryption rules have been disabled. The security team wants to generate email alerts when decryption rules are changed.
How should email log forwarding be configured to achieve this goal?
A. With the relevant system log filter inside Device > Log Settings
B. With the relevant configuration log filter inside Device > Log Settings
C. With the relevant configuration log filter inside Objects > Log Forwarding
D. With the relevant system log filter inside Objects > Log Forwarding
Answer
B. With the relevant configuration log filter inside Device > Log Settings
Explanation
Configuration logs in Palo Alto Networks devices record changes to the device’s configuration. This includes changes to policies and objects, such as decryption rules. By setting up a configuration log filter for decryption rule changes and configuring email log forwarding in Device > Log Settings, the security team can receive email alerts whenever a decryption rule is changed.
Palo Alto Networks PCNSE certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Palo Alto Networks PCNSE exam and earn Palo Alto Networks PCNSE certification.