Palo Alto Networks Exam PCNSA Topic 4 Question 64 Discussion

Actual exam question for Palo Alto Networks's PCNSA exam

Question #: 64
Topic #: 4

Which administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server.

Which security profile components will detect and prevent this threat after the firewall`s signature database has been updated?

Aantivirus profile applied to outbound security policies

Bdata filtering profile applied to inbound security policies

Cdata filtering profile applied to outbound security policies

Dvulnerability profile applied to inbound security policies

Show Suggested Answer

Suggested Answer: B

Option B enables the required traffic by allowing SSL and web-browsing from UNTRUST to DMZ, denying SSH from UNTRUST to DMZ, allowing MYSQL from DMZ to SERVER, and allowing SSH from SERVER to DMZ. Option A allows SSH from UNTRUST to DMZ, which is not required. Option C denies all the required traffic.Option D denies all traffic from UNTRUST to TRUST, which is irrelevant to the question

https://www.paloaltonetworks.com/services/education/palo-alto-networks-certified-network-security-administrator

by Laurel at May 23, 2024, 07:04 AM

Limited Time Offer

25%

Off

Get Premium PCNSA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Isabelle

1 months ago

Wouldn't it be funny if the answer was 'All of the above'? Guess we'll have to wait and see!

upvoted 0 times

...

Lenora

1 months ago

I'm with Kirby on this one. The data filtering profile seems like the best way to catch that sneaky C2 traffic.

upvoted 0 times

...

Avery

1 months ago

Haha, I bet the vulnerability profile (D) is gonna be the one that stops the infection. Gotta love those security profiles!

upvoted 0 times

Billy

9 days ago

User 4: Yeah, those security profiles are essential for keeping our network safe.

upvoted 0 times

...

Clay

20 days ago

User 3: I'm with you, I think the vulnerability profile (D) applied to inbound security policies is the key.

upvoted 0 times

...

Josphine

21 days ago

User 2: I believe the data filtering profile (C) applied to outbound security policies will do the trick.

upvoted 0 times

...

Sherly

22 days ago

User 1: I think the antivirus profile (A) will detect and prevent the threat.

upvoted 0 times

...

Glynda

2 months ago

I'm not so sure about that. The antivirus profile applied to outbound security policies (A) might also be able to detect and block the malware traffic.

upvoted 0 times

Colby

7 days ago

User 1

upvoted 0 times

...

Leota

11 days ago

User 1: I think the antivirus profile applied to outbound security policies (A) would be able to detect and prevent the malware.

upvoted 0 times

...

Eden

14 days ago

User 2

upvoted 0 times

...

Iola

1 months ago

User 1

upvoted 0 times

...

Marge

2 months ago

I'm not sure, but I think the data filtering profile applied to outbound security policies could also work to prevent the threat.

upvoted 0 times

...

Kirby

3 months ago

Hmm, I think the correct answer is C. The data filtering profile applied to outbound security policies would be able to detect and prevent the infected host from contacting the C2 server.

upvoted 0 times