ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam NetSec-Generalist All Questions

View all questions & answers for the NetSec-Generalist exam
Go to Exam

Exam NetSec-Generalist topic 1 question 54 discussion

Actual exam question from Palo Alto Networks's NetSec-Generalist
Question #: 54
Topic #: 1
[All NetSec-Generalist Questions]

At a minimum, which action must be taken to ensure traffic coming from outside an organization to the DMZ can access the DMZ zone for a company using private IP address space?

  • A. Configure static NAT for all incoming traffic.
  • B. Create NAT policies on post-NAT addresses for all traffic destined for DMZ.
  • C. Configure NAT policies on the pre-NAT addresses and post-NAT zone.
  • D. Create policies only for pre-NAT addresses and any destination zone.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by scanossa at Nov. 5, 2025, 7:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
scanossa
3 days, 1 hour ago
Selected Answer: A
The NAT policy should not have a post-NAT zone. When configuring the NAT rule, both zones and addresses must be pre-NAT.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel