Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 194
A security engineer needs to mitigate packet floods that occur on a set of servers behind the internet facing interface of the firewall.
Which Security Profile should be applied to a policy to prevent these packet floods?
Answer options
- A. Vulnerability Protection profile
- B. DoS Protection profile
- C. Data Filtering profile
- D. URL Filtering profile
Correct answer: B
Explanation
The correct answer is B, the DoS Protection profile, which specifically addresses and mitigates denial-of-service attacks, including packet floods. The other options, such as the Vulnerability Protection profile, focus on different aspects of security, while Data Filtering and URL Filtering profiles are more concerned with content inspection and access controls.