Which two methods should be used to identify the dependent applications for the respective rule?

An administrator creates an application-based security policy rule and commits the change to the firewall.

Which two methods should be used to identify the dependent applications for the respective rule? (Choose two.)
A . Use the show predefined xpath <value> command and review the output.
B. Review the App Dependency application list from the Commit Status view.
C. Open the security policy rule and review the Depends On application list.
D. Reference another application group containing similar applications.

View Answer

Answer: B,C

Explanation:

These two methods allow the administrator to see the dependent applications for a security policy rule that uses application-based criteria. The App Dependency application list shows the applications that are required for the rule to function properly1. The Depends On application list shows the applications that are implicitly added to the rule based on the predefined dependencies2.

References:

1: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/app-id-features/simplified-application-dependency-workflow

2: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/app-id/use-application-objects-in-policy/resolve-application-dependencies