Palo Alto Networks CloudSec-Pro Exam - Topic 5 Question 8 Discussion

Actual exam question for Palo Alto Networks's CloudSec-Pro exam

Question #: 8
Topic #: 5

Which ban for DoS protection will enforce a rate limit for users who are unable to post five (5) ''. tar.gz" files within five (5) seconds?

AOne with an average rate of 5 and file extensions match on ''. tar.gz' on Web Application and API Security (WAAS)

BOne with an average rate of 5 and file extensions match on ''. tar.gz' on Cloud Native Network Firewall (CNNF)

COne with a burst rate of 5 and file extensions match on ''. tar.gz' on Web Application and API Security (WAAS) *

DOne with a burst rate of 5 and file extensions match on ''. tar.gz' on Cloud Native Network Firewall (CNNF)

Show Suggested Answer

Suggested Answer: A

In the context of DoS protection, enforcing a rate limit is a common strategy to prevent abuse and ensure service availability. The scenario described involves limiting the rate at which users can post '.tar.gz' files to five within five seconds. The correct ban configuration for this requirement would be one that specifies an average rate of 5 with a file extension match on ''.tar.gz' within the Web Application and API Security (WAAS) component of a security solution like Prisma Cloud. WAAS is designed to protect web applications and APIs from various threats, including DoS attacks, by applying policies that can limit actions based on specific criteria, such as file types and request rates. This configuration ensures that any attempt to upload more than five '.tar.gz' files within a five-second window would be detected and blocked, mitigating the risk of DoS attacks targeting this particular file upload functionality.

by Otis at Apr 09, 2026, 08:21 PM

Limited Time Offer

25%

Off

Get Premium CloudSec-Pro Questions as Interactive Web-Based Practice Test or PDF