Given the following snippet of a WildFire submission log, did the end-user get access to the requested information and why or why not?
Given the following snippet of a WildFire submission log, did the end-user get access to the requested information and why or why not?
In the provided WildFire submission log snippet, the action for the wild-fire type is set to 'allow', which means that the end-user was granted access to the requested information despite the verdict being 'malicious' and the severity being 'high'. The 'allow' action prioritizes permitting access over the malicious verdict in this context.
This question was on the exam.. Nov 2023
Refer to Q300
The answer to that question is the same: "yes, because the action is set to allow".
As long as the action is set to allow, then it will still allow it. Threats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool. WildFire Submissions log entries with a malicious verdict and an action set to allow are logged as High. https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/view-and-manage-logs/log-types-and-severity-levels/threat-logs#id5cea1511-a153-4005-9d5f-ab2482e838ae
Correct answer B https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/view-and-manage-logs/log-types-and-severity-levels/wildfire-submissions-logs
Correct answer B https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/view-and-manage-logs/log-types-and-severity-levels/wildfire-submissions-logs
B is correct