Examice

Exam PCNSE All QuestionsBrowse all questions from this exam

Question 382

A firewall administrator is investigating high packet buffer utilization in the company firewall. After looking at the threat logs and seeing many flood attacks coming from a single source that are dropped by the firewall, the administrator decides to enable packet buffer protection to protect against similar attacks.

The administrator enables packet buffer protection globally in the firewall but still sees a high packet buffer utilization rate.

What else should the administrator do to stop packet buffers from being overflowed?

Apply DOS profile to security rules allow traffic from outside.

Enable packet buffer protection for the affected zones.

Add the default Vulnerability Protection profile to all security rules that allow traffic from outside.

Add a Zone Protection profile to the affected zones

Correct Answer: B

After enabling packet buffer protection globally, the next step is to enable packet buffer protection for the affected zones. This provides an additional layer of defense to protect specific areas within the network, ensuring better control over buffer utilization and more effective mitigation of flood attacks.

Discussion

confusionOption: B

B First globally then on the zone.

happyismOption: B

B is correct; you must enable Packet Buffer Globally before you can enabled it per zone for a second level of protection You Configure Packet Buffer Protection globally to protect the entire firewall and also enable Packet Buffer Protection on each zone to protect zones

mysteryzjokerOption: B

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/zone-protection-and-dos-protection/zone-defense/packet-buffer-protection

MarshpillowzOption: B

B is correct

MetgatzOption: B

B Globally and then on the security zone

Betty2022Option: B

Agree,B

TAKUM1yOption: B

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/packet-buffer-protection