Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 75

You receive notification about a new malware that infects hosts. An infection results in the infected host attempting to contact a command-and-control server.
Which Security Profile detects and prevents this threat from establishing a command-and-control connection?

Answer options

• A. Vulnerability Protection Profile applied to outbound Security policy rules.
• B. Anti-Spyware Profile applied to outbound security policies.
• C. Antivirus Profile applied to outbound Security policy rules
• D. Data Filtering Profile applied to outbound Security policy rules.

Correct answer: B

Explanation

The Anti-Spyware Profile is specifically designed to detect and block communications with known command-and-control servers, making it the correct choice. The other options, such as Vulnerability Protection and Antivirus Profiles, focus on different aspects of security and do not directly target the behavior of malware attempting to connect to command-and-control servers.