Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 299

Which Security profile can be used to detect and block compromised hosts from trying to communicate with external command-and-control (C2) servers?

Answer options

• A. URL Filtering
• B. Antivirus
• C. Vulnerability
• D. Anti-Spyware

Correct answer: D

Explanation

The correct answer is D, Anti-Spyware, as it specifically targets malicious software that can connect to C2 servers. URL Filtering and Antivirus profiles serve different purposes, focusing on web content and known malware signatures, respectively, while Vulnerability profiles assess system weaknesses but do not actively block communication with C2 servers.