Palo Alto Networks Exam NGFW-Engineer Topic 2 Question 7 Discussion

Actual exam question for Palo Alto Networks's NGFW-Engineer exam

Question #: 7
Topic #: 2

When configuring a Zone Protection profile, in which section (protection type) would an NGFW engineer configure options to protect against activities such as spoofed IP addresses and split handshake session establishment attempts?

AFlood Protection

BProtocol Protection

CPacket-Based Attack Protection

DReconnaissance Protection

Show Suggested Answer

Suggested Answer: B

In the context of a Zone Protection profile, Protocol Protection is the section used to configure protections against activities such as spoofed IP addresses and split handshake session establishment attempts. These types of attacks typically involve manipulating protocol behaviors, such as IP address spoofing or session hijacking, and are mitigated by the Protocol Protection settings.

by Shawnna at May 04, 2025, 08:54 PM

Limited Time Offer

25%

Off

Get Premium NGFW-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Harris

4 days ago

Ooh, this is a tricky one. I'm going to go with B, Protocol Protection. Seems like the NGFW would need to analyze the protocol behavior to catch those shenanigans.

upvoted 0 times

...

Otis

11 days ago

Hmm, I was leaning towards option D, Reconnaissance Protection. Detecting attempts to map your network and open ports sounds like it would cover those types of attacks, no?

upvoted 0 times

...

Delsie

12 days ago

I think option C is the correct answer. Protecting against spoofed IPs and split handshakes seems like a packet-based attack, so that makes the most sense to me.

upvoted 0 times

Dick

5 days ago

I think option C is the correct answer.

upvoted 0 times

...