Exam PCNSA
Question 236

An administrator wants to prevent users from unintentionally accessing malicious domains where data can be exfiltrated through established connections to remote systems.

From the Pre-defined Categories tab within the URL Filtering profile, what is the right configuration to prevent such connections?

    Correct Answer: D

    To prevent users from unintentionally accessing malicious domains where data can be exfiltrated through established connections to remote systems, the Command and Control category should be set to block. Command and Control (C2) refers to the URLs and domains used by malware or compromised systems to communicate with an attacker's remote server, which can lead to data exfiltration. Blocking this category will effectively prevent such connections.

Discussion
OhEmGee Option: D

Go to Objects -> Security Profiles -> URL Filtering -> Categories tab -> Search for Command-and-Control and set the action to Block. D is the right answer.

Oscar11 Option: C

There is no such category as command and control; they all come under the malware category, so setting "malware" to Block would achieve this. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5hCAC

Oscar11

Ignore my comment above; there is a Command and Control category, so D is the correct answer.

claudio392 Option: D

Command-and-control (C2): URLs and domains used by malware or compromised systems to surreptitiously communicate with an attacker's remote server to receive malicious commands or exfiltrate data.

SillyGoose123 Option: D

Malware doesn't inherently establish connections to remote servers. Command and control (C2) does this by definition. Answer is D.

khaled_ellaboudy Option: D

Set the COMMAND AND CONTROL category to block. This is the correct answer.

83KG Option: D

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/url-filtering/url-categories/url-category-best-practices

john7809 Option: D

I think that the correct answer is D. Command-and-control is defined by Palo Alto Networks as URLs and domains used by malware and/or compromised systems to surreptitiously communicate with an attacker's remote server to receive malicious commands or exfiltrate data.