Palo Alto Networks System Engineer – Strata — Question 33
In PAN-OS 10.0 and later, DNS Security allows policy actions to be applied based on which three domains? (Choose three.)
Answer options
- A. benign
- B. government
- C. command and control (C2)
- D. malware
- E. grayware
Correct answer: C, D, E
Explanation
The correct answers are C, D, and E because DNS Security in PAN-OS 10.0 and later is designed to apply policies to command and control (C2) domains, malware domains, and grayware domains. Options A and B, which refer to benign and government domains, do not represent threats that DNS Security would typically target.