ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 83 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 83
Topic #: 1
[All PCNSA Questions]

The CFO found a malware infected USB drive in the parking lot, which when inserted infected their corporate laptop. The malware contacted a known command- and-control server, which caused the infected laptop to begin exfiltrating corporate data.
Which security profile feature could have been used to prevent the communication with the command-and-control server?

  • A. Create an anti-spyware profile and enable DNS Sinkhole feature.
  • B. Create an antivirus profile and enable its DNS Sinkhole feature.
  • C. Create a URL filtering profile and block the DNS Sinkhole URL category
  • D. Create a Data Filtering Profiles and enable its DNS Sinkhole feature.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by chmani at Dec. 4, 2020, 7:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
chmani
Highly Voted 3 years, 5 months ago
is this correct as i have seen in palo exam correct answer was "A" (create anti-spyware profile with dns sink hole?
upvoted 21 times
...
nabilzay
Highly Voted 3 years, 4 months ago
DNS sinkhole is configured under an anti-spyware profile, A should be the correct option
upvoted 9 times
...
Rivand
Most Recent 7 months, 2 weeks ago
Selected Answer: A
It's A
upvoted 1 times
...
Veasna_shadow
8 months, 2 weeks ago
Selected Answer: A
Which security profile feature could have been used to prevent the communications with the command and control server? Which security profile feature could have been used to prevent the communication with the command-and-control server? Create an anti-spyware profile and enable DNS Sinkhole feature.
upvoted 3 times
...
blu_gandalf
11 months, 3 weeks ago
just answered in Practice exam , its A
upvoted 1 times
...
[Removed]
1 year, 2 months ago
a is the correct answer https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGECA0 Configure the DNS Sinkhole action in the Anti-Spyware profile. Click on the Objects > Anti-Spyware under Security Profiles..
upvoted 2 times
...
ACPM
1 year, 2 months ago
Selected Answer: A
Answer is A: Anti-spyware
upvoted 1 times
...
LordScorpius
2 years, 1 month ago
Selected Answer: A
Palo connects "anti-spyware" directly with C&C in all their literature.
upvoted 3 times
...
error_909
2 years, 1 month ago
Selected Answer: A
the question is asking about how to prevent " to prevent the communication with the command-and-control server?" so the answer here is A. beside That, DNS Sinkhole is only configurable under Anti-spyware :)
upvoted 2 times
...
zeebo340
2 years, 1 month ago
Correct answer is A
upvoted 1 times
...
javim
2 years, 1 month ago
Selected Answer: D
"begin exfiltrating corporate data." The correct answer is D, Data filtaring profile to avoid exfiltrate corporate data
upvoted 1 times
error_909
2 years, 1 month ago
the sinkhole is a feature of antispyware.
upvoted 1 times
...
...
Rider85
2 years, 2 months ago
A is de correct
upvoted 1 times
...
Jheax
2 years, 2 months ago
Selected Answer: A
Sinkhole is configured in Anti-spyware
upvoted 1 times
...
francisco87
2 years, 4 months ago
Selected Answer: A
A is the correct answer
upvoted 1 times
...
H3kerman
2 years, 5 months ago
Selected Answer: A
A should be correct
upvoted 2 times
...
ramasamymuthiah
3 years ago
Correct answer is A
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago