Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 292

Which profile must be applied to the Security policy rule to block spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers?

Answer options

Correct answer: A

Explanation

The correct answer is A, Anti-spyware, as this profile is specifically designed to detect and block spyware attempting to communicate with C2 servers. The other options, such as File blocking, WildFire, and URL filtering, serve different purposes and do not directly address the issue of stopping spyware communications.