Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 25

If the firewall is configured for credential phishing prevention using the `Domain Credential Filter` method, which login will be detected as credential theft?

Answer options

• A. Mapping to the IP address of the logged-in user.
• B. First four letters of the username matching any valid corporate username.
• C. Using the same user's corporate username and password.
• D. Matching any valid corporate username.

Correct answer: C

Explanation

The correct answer is C because using the same corporate username and password directly indicates that credentials are being stolen. The other options do not involve actual credential usage, making them less relevant for detecting phishing attempts.