Which two Security profile actions can only be applied to DoS Protection profiles? (Choose two.)
Which two Security profile actions can only be applied to DoS Protection profiles? (Choose two.)
The two actions that can only be applied to DoS Protection profiles are SYN cookies and Random Early Drop. SYN cookies help in mitigating SYN flood attacks by ensuring TCP connections are properly established before resources are committed. Random Early Drop randomly drops packets before the queue is full to prevent congestion, which is particularly useful in mitigating DoS attacks. These actions are specifically designed to counter DoS attacks, whereas Reset-server and Reset-both are general actions that can be applied in other security profiles.
C,D verified on our firewall
verified in FW
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/zone-protection-and-dos-protection/dos-protection-against-flooding-of-new-sessions/configure-dos-protection-against-flooding-of-new-sessions step2 nummer4
SYN Cookies and Random Early Drop