Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 525
You are auditing the work of a co-worker and need to verify that they have matched the Palo Alto Networks Best Practices for Anti-Spyware Profiles.
For which three severity levels should single-packet captures be enabled to meet the Best Practice standard? (Choose three.)
Answer options
- A. Critical
- B. High
- C. Medium
- D. Informational
- E. Low
Correct answer: A, B, C
Explanation
The correct answer includes Critical, High, and Medium severity levels because these levels represent the most significant threats that warrant immediate attention and detailed analysis through single-packet captures. Informational and Low severity levels do not require such detailed capture as they represent lesser threats that do not necessitate the same level of scrutiny.