Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCNSA Topic 1 Question 83 Discussion

Actual exam question for Palo Alto Networks's PCNSA exam
Question #: 83
Topic #: 1
[All PCNSA Questions]

Which Security profile would you apply to identify infected hosts on the protected network using DNS traffic?

Show Suggested Answer Hide Answer
Suggested Answer: A

The show system fqdn command displays the FQDN objects configured on the firewall and their resolved IP addresses. This can help confirm if the FQDN objects are resolved correctly and if they match the expected traffic. A shadow rule is a rule that is never matched because a preceding rule covers the same traffic. If a shadow rule uses FQDN objects, it is possible that the FQDN objects are not resolved or have different IP addresses than the traffic, causing the rule to be ineffective.


by Moon at Feb 12, 2025, 05:24 AM

Limited Time Offer

25%

Off

Get Premium PCNSA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Hana
21 days ago
A) URL traffic, because who doesn't love a good game of 'Guess the Malicious Website'?
upvoted 0 times
...
Ivette
26 days ago
D) antivirus, hands down. Gotta keep those viruses at bay and my network squeaky clean!
upvoted 0 times
Adaline
3 days ago
A) URL traffic
upvoted 0 times
...
...
Kimberely
27 days ago
C) anti-spyware, all the way! Can't have those sneaky spies snooping around my network.
upvoted 0 times
...
Omega
29 days ago
Definitely going with B) vulnerability protection. Gotta stop those pesky vulnerabilities in their tracks!
upvoted 0 times
Bettyann
4 days ago
I think C) anti-spyware could also be helpful in detecting any suspicious activity.
upvoted 0 times
...
Johanna
20 days ago
I agree, B) vulnerability protection is crucial for identifying infected hosts.
upvoted 0 times
...
...
Jenifer
1 months ago
Hmm, using DNS traffic to identify infected hosts? Sounds like a job for the 'DNS Whisperer' security profile.
upvoted 0 times
Hoa
2 days ago
B) vulnerability protection
upvoted 0 times
...
Carma
4 days ago
A) URL traffic
upvoted 0 times
...
...
Andra
2 months ago
I'm not sure, but I think C) anti-spyware could also be a good option for this.
upvoted 0 times
...
Rosendo
2 months ago
I agree with Kara, antivirus makes sense for identifying infected hosts.
upvoted 0 times
...
Kara
2 months ago
I think the answer is D) antivirus.
upvoted 0 times
...

Save Cancel