Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 394
You receive notification about a new malware that infects hosts. An infection results in the infected host attempting to contact command-and-control server.
Which Security Profile, when applied to outbound Security policy rules, detects and prevents this threat from establishing a command-and-control connection?
Answer options
- A. Anti-Spyware Profile
- B. Data Filtering Profile
- C. Antivirus Profile
- D. Vulnerability Protection Profile
Correct answer: A
Explanation
The Anti-Spyware Profile is specifically designed to detect and block spyware and similar threats, including those that attempt to establish connections to command-and-control servers. The other profiles, such as Data Filtering, Antivirus, and Vulnerability Protection, focus on different aspects of security and may not effectively address this specific type of malware behavior.