Palo Alto Networks Network Security Analyst — Question 13

A Palo Alto Networks NGFW for a high-security environment is being configured and requires a security profile group that includes vulnerability protection.
When configuring the action based on the severity of the threat types, what does Palo Alto Networks recommend?

Answer options

• A. Use action "allow" for critical high, and medium vulnerabilities.
• B. Use action "alert" for critical, high, and medium vulnerabilities.
• C. Use action "default" for critical, high, and medium vulnerabilities.
• D. Use action "reset-both" for critical, high, and medium vulnerabilities.

Correct answer: C

Explanation

Palo Alto Networks recommends using the 'default' action for critical, high, and medium vulnerabilities to ensure that appropriate measures are taken without overly permissive settings. The 'allow' action (A) could expose the network to threats, while 'alert' (B) does not mitigate risks effectively, and 'reset-both' (D) could disrupt legitimate traffic and services.