Palo Alto Networks Exam PCNSE Topic 9 Question 55 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks Certified Security Engineer PAN-OS 11.0 exam

Question #: 55
Topic #: 9

[All Palo Alto Networks Certified Security Engineer PAN-OS 11.0 Questions]

A firewall administrator has been asked to configure a Palo Alto Networks NGFW to prevent against compromised hosts trying to phone-home or beacon out to external command-and-control (C2) servers.

Which security Profile type will prevent these behaviors?

AWildFire

BAnti-Spyware

CVulnerability Protection

DAntivirus

Show Suggested Answer

Suggested Answer: B

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/anti-spyware-profiles

Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients. You can apply various levels of protection between zones. For example, you may want to have custom Anti-Spyware profiles that minimize inspection between trusted zones, while maximizing inspection on traffic received from an untrusted zone, such as internet-facing zones.

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-profiles

by Kallie at Jul 26, 2022, 04:57 AM

Limited Time Offer

25%

Off

Get Premium PCNSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!