ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam SSE-Engineer All Questions

View all questions & answers for the SSE-Engineer exam
Go to Exam

Exam SSE-Engineer topic 1 question 38 discussion

Actual exam question from Palo Alto Networks's SSE-Engineer
Question #: 38
Topic #: 1
[All SSE-Engineer Questions]

A malicious user is attempting to connect to a blocked website by crafting a packet using a fake SNI and the correct website in the HTTP host header.
Which option will prevent this form of attack?

  • A. Advanced Threat Prevention option to block “Domain Fronting”
  • B. Advanced URL Filtering and block the “Malicious Behavior” category
  • C. Advanced URL Filtering and block “SNI mismatch with Server Certificate (SAN/CN)”
  • D. SSL Decryption to “Block sessions on SNI mismatch with Server Certificate (SAN/CN)”
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Pretorian at April 9, 2025, 11:08 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pretorian
2 months, 1 week ago
Selected Answer: D
It appears the right answer is D: https://docs.paloaltonetworks.com/network-security/decryption/administration/decryption-overview/decryption-profiles
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel