Palo Alto Networks Exam PCNSA Topic 2 Question 87 Discussion

Actual exam question for Palo Alto Networks's PCNSA exam

Question #: 87
Topic #: 2

Which feature would be useful for preventing traffic from hosting providers that place few restrictions on content, whose services are frequently used by attackers to distribute illegal or unethical material?

APalo Alto Networks Bulletproof IP Addresses

BPalo Alto Networks C&C IP Addresses

CPalo Alto Networks Known Malicious IP Addresses

DPalo Alto Networks High-Risk IP Addresses

Show Suggested Answer

Suggested Answer: A

To block hosts that use bulletproof hosts to provide malicious, illegal, and/or unethical content,use the bulletproof IP address list in policy.

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/content-inspection-features/edl-for-bulletproof-isps#:~:text=A%20new%20built%2Din%20external,%2C%20illegal%2C%20and%20unethical%20content.

by Alesia at Apr 30, 2025, 04:46 AM

Limited Time Offer

25%

Off

Get Premium PCNSA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Judy

3 days ago

I'm going with C. Blocking known malicious IPs is like putting up a 'No Trespassing' sign for hackers. They'll just find another way in if you don't address the root problem.

upvoted 0 times

...

Joana

4 days ago

D) Palo Alto Networks High-Risk IP Addresses could also work, as it's likely these hosting providers would be considered high-risk. Just gotta make sure the definition of 'high-risk' is broad enough.

upvoted 0 times

...

Salley

6 days ago

I think C) Palo Alto Networks Known Malicious IP Addresses would be useful for preventing traffic from hosting providers that allow illegal content.

upvoted 0 times

...

Shelba

15 days ago

C) Palo Alto Networks Known Malicious IP Addresses seems like the best option to prevent traffic from these types of hosting providers. Blocking known malicious IPs is a common security practice.

upvoted 0 times

...