Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Palo-Alto-Networks Discussions

Exam PCNSA topic 1 question 53 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 53
Topic #: 1
[All PCNSA Questions]

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server.
Which security profile components will detect and prevent this threat after the firewall's signature database has been updated?

  • A. antivirus profile applied to outbound security policies
  • B. data filtering profile applied to inbound security policies
  • C. data filtering profile applied to outbound security policies
  • D. vulnerability profile applied to inbound security policies
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by bobby14 at June 13, 2021, 5:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
bobby14
Highly Voted 2 years, 10 months ago
Correct answer is A, only AV, URL filtering, Wilfire & Anti spyware can block C2. Data filtering is DLP (data lost prevention) so wrong answer.
upvoted 14 times
colintkn
2 years, 9 months ago
agreed A is the answer
upvoted 1 times
...
fatehz
2 years, 9 months ago
totally agree
upvoted 1 times
...
...
ntir
Most Recent 3 months, 2 weeks ago
Correct Answer A
upvoted 1 times
...
Merlin0o
1 year, 3 months ago
Selected Answer: A
Should be A
upvoted 1 times
...
Mouna_cert
1 year, 4 months ago
answer A : https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-upgrade/software-and-content-updates/dynamic-content-updates#:~:text=Antivirus%20updates%20are%20released%20every,ll%20need%20a%20WildFire%20subscription.
upvoted 2 times
...
DDisGR8
1 year, 8 months ago
Selected Answer: A
A is the correct option
upvoted 2 times
...
AHMEDEMAM
1 year, 8 months ago
Which administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server. Which security profile components will detect and prevent this threat after the firewall`s signature database has been updated?
upvoted 1 times
AHMEDEMAM
1 year, 8 months ago
I think the correct answer is absent the correct answer "Spyware profile applied to outbound security policies" Not AV or sure Data Filtering . But AV profile may be near to the right
upvoted 5 times
davidmdlp85
1 week, 3 days ago
Wrong Use Data Filtering Profiles to prevent sensitive, confidential, and proprietary information from leaving your network. Predefined patterns, built-in settings, and customizable options make it easy for you to protect files that contain certain file properties (such as a document title or author), credit card numbers, regulated information from different countries (like social security numbers), and third-party data loss prevention (DLP) labels.
upvoted 1 times
...
...
...
delorean
1 year, 8 months ago
Selected Answer: C
The best answer is C. Data filtering can be used for blocking uploads that match file and data pattern upload. It is explaind in PCNSA Study Guide at page 27.
upvoted 1 times
...
Hargert
1 year, 9 months ago
Selected Answer: A
The correct answer is A.
upvoted 1 times
...
kewokil120
1 year, 11 months ago
Selected Answer: A
A is correct
upvoted 1 times
...
LordScorpius
2 years ago
Selected Answer: A
"data filtering" cannot be correct. URL filtering would be however, it ain't no where's to be seen.
upvoted 1 times
...
Luongchacha1
2 years, 1 month ago
Best answer is C, read PCNSA Study Guide at page 27. Because Antivirus Profile can prevent downloading spyware from internet (inboud traffic). In this question, user has been infected. Now malware establish a connection with C2 Server and leak client's data to outsite (Outbound). You can use Data Filter to prevent exfiltration. Also use Anti-spam profile but that's not listed in this question.
upvoted 4 times
LordScorpius
2 years ago
That's not what the question reads.
upvoted 1 times
...
...
Grandslam
2 years, 3 months ago
Selected Answer: A
Palo Alto Networks Certified Network Security Administrator Study Guide page 61 Antivirus: Includes new and updated antivirus signatures, including WildFire signatures and automatically generated command-and-control (C2) signatures. WildFire signatures detect malware seen first by firewalls from around the world. You must have a Threat Prevention subscription to get these updates. New antivirus signatures are published daily.
upvoted 3 times
...
bariloch1
2 years, 5 months ago
Only A
upvoted 1 times
...
Kane002
2 years, 5 months ago
A. C is technically possible, but it's talking about updating signature databases, the answer is clearly hinting at the AV profile.
upvoted 2 times
...
Whiskey20
2 years, 8 months ago
but you can block outbound C2 communications with traffic that matches file and data patterns with a Data filtering profile. Study Guide (July 2021 page 37) Actions on the Objective.
upvoted 2 times
deezy0804
2 years, 7 months ago
while this is true, the question is only asking which one will inherently prevent C2. You have to manually configure a solution in the case of answer C. Answer A will protect against this communication as the signature is updated.
upvoted 2 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel