Q: 2
A user connected to Prisma Access reports that traffic intermittently is denied after matching a
Catch-All Deny rule at the bottom and bypassing HIP-based policies. Refreshing VPN connection
restores the access.
What are two reasons for this behavior? (Choose two.)
Options
Discussion
B , I think A is more of a trap because intermittent issues match mapping loss and report timing better.
C/D? I see why D looks tempting since policies could be scheduled, but pretty sure A is needed as well because without "Collect HIP data" you can't enforce those HIP checks in the first place. Might be missing something, though!
C and D tbh, not totally sure since the HIP thing always confuses me. Anyone else see it this way?
Be respectful. No spam.
