Free Palo Alto Networks SSE-Engineer Actual Exam Questions - Question 5 Discussion
GlobalProtect folder. All security rules are using the Default Prisma Profile. The intern reports that
the options are greyed out and cannot be modified when selecting the Default Prisma Profile.
Based on the image below, which action will allow the intern to make the required modifications?
Yeah, default profiles are locked down, so C sounds right to me.
C imo, default profiles are typically locked and can’t be edited directly.
Option C makes sense because default profiles are often locked to prevent direct edits, so creating a new profile is usually needed to customize settings. The greyed-out options hint at that restriction.
C/D? The Default Prisma Profile is usually locked, so you can’t edit it directly, which fits option C. Creating a new profile is generally the way to go. D sounds off because best-practice profiles often aren’t meant to be tweaked directly but rather used as templates. B about changing scope might be tempting, but it’s probably more about profile restrictions than scope access. A seems unrelated since the issue is greyed-out options due to default profile restrictions, not access permissions. So, making a new profile to customize settings seems like the right move here.
Maybe C makes the most sense here because default profiles are usually locked to prevent accidental changes—so you have to create a new one to customize settings. The greyed-out options hint that the Default Prisma Profile can’t be edited directly. Also, A and B don’t seem to address the core issue of locked default profiles, and D’s idea about modifying might not apply since these profiles are typically read-only. Creating a new profile is the cleanest way to ensure changes without affecting global defaults.
C because default profiles are usually locked and can't be changed directly.
C - Default profiles are locked, so creating a new one is necessary.
C/D? The default profile is usually locked to prevent changes, so creating a new one (C) makes sense. But if those best-practice profiles can’t be removed or modified directly (D), then maybe the actual way is to create a new profile and apply it instead of trying to tweak the default. Either way, editing the default is blocked, so the intern needs to work with a custom profile rather than trying to unlock the original.
Yeah, the greyed-out options usually mean the default profiles are locked down. D doesn’t fit since best-practice profiles can’t just be modified freely, and A/B don’t address the core issue of default profile restrictions. So creating a new profile as in C makes the most sense here.
It’s C. Default profiles like the Default Prisma Profile are usually locked down to prevent edits, so creating a new profile is the only way to make changes here.
C imo, default profiles are generally locked to avoid accidental edits, so creating a new profile is usually the way to go here. The greyed-out options strongly suggest you can't modify the default directly.
Option C, default profiles are locked so you need to create a new one to edit.
C, default profiles are generally locked to prevent accidental changes, so making a new custom profile is usually required to apply any modifications.
C imo. Default profiles in Prisma Access are usually read-only to keep baseline security intact. You can’t modify them directly, so creating a new custom profile is the way to go. That lets you tailor settings without breaking anything global or default. Seems straightforward given the greyed-out options.
Looks like the default profiles are usually locked. I think C makes sense here: create a new profile since default ones can't be changed.