Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 183
An administrator wants to prevent users from unintentionally accessing malicious domains where data can be exfiltrated through established connections to remote systems.
From the Pre-defined Categories tab within the URL Filtering profile, what is the right configuration to prevent such connections?
Answer options
- A. Set the hacking category to continue.
- B. Set the phishing category to override.
- C. Set the malware category to block.
- D. Set the Command and Control category to block.
Correct answer: D
Explanation
The correct answer is D because blocking the Command and Control category is essential for preventing connections that could facilitate data exfiltration. Options A and B do not provide adequate protection against malicious domains, while option C, although useful, does not specifically target the established connections that Command and Control communications often utilize.