Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCNSA Topic 1 Question 83 Discussion

Actual exam question for Palo Alto Networks's PCNSA exam
Question #: 83
Topic #: 1
[All PCNSA Questions]

Which Security profile would you apply to identify infected hosts on the protected network using DNS traffic?

Show Suggested Answer Hide Answer
Suggested Answer: A

The show system fqdn command displays the FQDN objects configured on the firewall and their resolved IP addresses. This can help confirm if the FQDN objects are resolved correctly and if they match the expected traffic. A shadow rule is a rule that is never matched because a preceding rule covers the same traffic. If a shadow rule uses FQDN objects, it is possible that the FQDN objects are not resolved or have different IP addresses than the traffic, causing the rule to be ineffective.


by Moon at Feb 12, 2025, 05:24 AM

Limited Time Offer

25%

Off

Get Premium PCNSA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Andra
9 days ago
I'm not sure, but I think C) anti-spyware could also be a good option for this.
upvoted 0 times
...
Rosendo
13 days ago
I agree with Kara, antivirus makes sense for identifying infected hosts.
upvoted 0 times
...
Kara
14 days ago
I think the answer is D) antivirus.
upvoted 0 times
...

Save Cancel