The Cloud NGFW for AWS can capture and save which three types of logs? (Choose three.)
The Cloud NGFW for AWS can capture and save which three types of logs? (Choose three.)
The Cloud NGFW for AWS can capture and save Threat logs, which display entries when traffic matches one of the security profiles attached to a security rule on the firewall. It can also capture and save Traffic logs, which display an entry for the start and end of each session. Additionally, it captures Decryption logs, which display entries for unsuccessful TLS handshakes by default and can display entries for successful TLS handshakes if enabled in the Decryption policy.
Correct Answer: ACE Cloud NGFW can capture and save three types of logs. Traffic—Traffic logs display an entry for the start and end of each session. See Cloud NGFW for AWS Traffic Log Fields for more information. Threat—Threat logs display entries when traffic matches one of the security profiles attached to a security rule on the firewall. Each entry includes the following information: date and time; type of threat (such as virus or spyware); threat description or URL (Name column); alarm action (such as allow or block); and severity level. Decryption—Decryption logs display entries for unsuccessful TLS handshakes by default and can display entries for successful TLS handshakes if you enable them in Decryption policy.
https://docs.paloaltonetworks.com/cloud-ngfw/aws/cloud-ngfw-on-aws/create-cloud-ngfw-instances-and-endpoints/configure-logging-for-the-cloud-ngfw-on-aws
ACE Traffic Threat Decryption https://docs.paloaltonetworks.com/cloud-ngfw/aws/cloud-ngfw-on-aws/create-cloud-ngfw-instances-and-endpoints/configure-logging-for-the-cloud-ngfw-on-aws