Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Of the listed options, only inbound traffic flow inspection can directly protect against zero-day attacks.
Here's why the other options are less effective:
* Outbound: This inspects traffic leaving the network, which wouldn't necessarily catch malicious code entering from outside.
* North-south: This refers to traffic between the internet and the internal network, which includes both inbound and outbound traffic. While inbound traffic is part of north-south flow, it's not the only component.
* Internal: This inspects traffic within the internal network, useful for malware detection but not specifically zero-day attacks at the entry point.
* East-west: Similar to internal traffic, this focuses on communication between devices within the network, not necessarily catching external threats.
Therefore, the most relevant option for zero-day protection is "C": Inbound
By inspecting inbound traffic, firewalls can potentially identify and block suspicious activity even if it exploits an unknown vulnerability (zero-day).
I choose ""Outbound", "Inbound", and "Internal" because those are terms used with the official IronSkillet object tags and security profile names. So those terms are likely more correct when considering "Palo Alto Terminology" versus using the terms "North-South" and "East-West".
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Doobiedoo
1 week, 5 days agoDoobiedoo
1 week, 5 days ago