Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 51

A client has a sensitive application server in their data center and is particularly concerned about session flooding because of denial-of-service attacks.
How can the Palo Alto Networks NGFW be configured to specifically protect this server against session floods originating from a single IP address?

Answer options

• A. Add an Anti-Spyware Profile to block attacking IP address
• B. Define a custom App-ID to ensure that only legitimate application traffic reaches the server
• C. Add QoS Profiles to throttle incoming requests
• D. Add a tuned DoS Protection Profile

Correct answer: D

Explanation

The correct answer is D, as a tuned DoS Protection Profile can specifically monitor and mitigate session floods by limiting the number of concurrent sessions from a single IP address. Options A and B do not directly address session flooding, while option C focuses on throttling requests rather than providing targeted flood protection.