A firewall administrator has been asked to configure a Palo Alto Networks NGFW to prevent against compromised hosts trying to phone-home or beacon out to external command-and-control (C2) servers.
Which Security Profile type will prevent these behaviors?
The Anti-Spyware Security Profile is specifically designed to block spyware on compromised hosts from attempting to phone-home or beacon out to external command-and-control (C2) servers, thereby allowing detection of malicious traffic leaving the network from infected clients.
https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/anti-spyware-profiles Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients. You can apply various levels of protection between zones. For example, you may want to have custom Anti-Spyware profiles that minimize inspection between trusted zones, while maximizing inspection on traffic received from an untrusted zone, such as internet-facing zones. A is Correct
Anti-spyware https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-profiles
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/policy/security-profiles
Option A https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-anti-spyware
A is correct
Best Practices Security Profiles Attach an Anti-Spyware profile to all allowed traffic to detect command-and-control traffic (C2) initiated from malicious code running on a server or endpoint and prevent compromised systems from establishing an outbound connection from your network. https://docs.paloaltonetworks.com/best-practices/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles#ide042a854-cf6c-4535-a54b-6def3b2350ed_id17A29C0201H:~:text=may%20carry%20threats.-,Best%20Practice%20Internet%20Gateway%20Antivirus%20Profile,-Clone%20the%20default