Which log type would provide information about traffic blocked by a Zone Protection profile?
Which log type would provide information about traffic blocked by a Zone Protection profile?
Information about traffic blocked by a Zone Protection profile is typically found in the Threat logs. The Threat logs contain details about various security-related events, including those events where traffic is blocked due to Zone Protection policies like DoS attacks, IP spoofing, and floods. Therefore, the most appropriate log type for this information is Threat.
c: Threat logs The threat logs will show events related to zone protection. In the screenshot below, ICMP flood protection was triggered by the Zone Protection policy:
This question was on the exam.. Nov 2023
C is correct
Reference: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhzCAC