Review the screenshot below. Based on the information it contains, which protocol decoder will detect a machine-learning match, create a Threat log entry, and permit the traffic?
I think D
The question asks which protocol permits the traffic after detecting a machine-learning match.
Looking at the WildFire Inline ML Action column, only http2 has the action allow.
Other protocols (e.g., ftp, smb, imap) have either reset-both or alert, which would either block or just log the traffic.
Why not HTTP? Not too sure how IMAP can be used for machine learning.
Action Alert: generates an alert for each application traffic flow. The alert is saved in the threat log.
B is the correct answer.
According to the screenshot, only imap, pop3 and smtp have a default (alert) action, which generates an alert for each application traffic flow. The alert is saved in the threat log.
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/security-profiles
upvoted 3 times
...
fb48 (Highly Voted, 1 year, 5 months ago)
mirko1976 (Most Recent, 5 months, 2 weeks ago)
Zeruz (11 months, 3 weeks ago)
modems (1 year ago)
MarkGrootaarts (1 year, 3 months ago)
DlaEdu_Ex (1 year, 4 months ago)