Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 306

Which two Security profile actions can only be applied to DoS Protection profiles? (Choose two.)

Answer options

• A. Reset-server
• B. Reset-both
• C. SYN cookies
• D. Random Early Drop

Correct answer: C, D

Explanation

The correct answers, C and D, refer specifically to features that are designed to mitigate denial-of-service attacks. SYN cookies are used to handle SYN flood attacks, while Random Early Drop is a method to manage congestion in network traffic. Options A and B pertain to server reset actions that do not specifically apply to DoS Protection profiles.