Which three activities can the botnet report track? (Choose three.)
Which three activities can the botnet report track? (Choose three.)
The botnet report tracks activities that may indicate the presence of a botnet. It includes accessing domains registered in the last 30 days, visiting malicious URLs, and using dynamic DNS domain providers. These actions are commonly associated with botnet behavior, where attackers use recently registered domains for malicious purposes and dynamic DNS services to evade detection. Monitoring these activities helps in identifying and mitigating potential botnet threats.
ABF, refer to the link: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/view-and-manage-reports/generate-botnet-reports
ABF looks correct.
ABF are correct
The botnet report enables you to use heuristic and behavior-based mechanisms to identify potential malware- or botnet-infected hosts in your network. To evaluate botnet activity and infected hosts, the firewall correlates user and network activity data in Threat, URL, and Data Filtering logs with the list of malware URLs in PAN-DB, known dynamic DNS domain providers, and domains registered within the last 30 days.
acf it should be acf
should be abf
ABF, To evaluate botnet activity and infected hosts, the firewall correlates user and network activity data in Threat, URL, and Data Filtering logs with the list of malware URLs in PAN-DB, known dynamic DNS domain providers, and domains registered within the last 30 days
should be ABF