Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 60

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command- and-control (C2) server.
Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

Answer options

• A. vulnerability protection profile applied to outbound security policies
• B. anti-spyware profile applied to outbound security policies
• C. antivirus profile applied to outbound security policies
• D. URL filtering profile applied to outbound security policies

Correct answer: B, C

Explanation

The anti-spyware profile (B) is designed to detect and block spyware and similar threats, making it effective against malware that communicates with a C2 server. The antivirus profile (C) scans for and prevents known malware, including those that may attempt to contact such servers. The vulnerability protection profile (A) focuses on preventing exploitation of known vulnerabilities, and URL filtering (D) is aimed at controlling access to specific websites, neither of which directly addresses the malware communication threat.