Exam PSE Strata All QuestionsBrowse all questions from this exam
Question 31

Which three activities can the botnet report track? (Choose three.)

    Correct Answer: A, B, F

    The botnet report tracks activities that may indicate the presence of a botnet. It includes accessing domains registered in the last 30 days, visiting malicious URLs, and using dynamic DNS domain providers. These actions are commonly associated with botnet behavior, where attackers use recently registered domains for malicious purposes and dynamic DNS services to evade detection. Monitoring these activities helps in identifying and mitigating potential botnet threats.

Discussion
dnhanOptions: ABF

ABF, refer to the link: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/view-and-manage-reports/generate-botnet-reports

cb4251bOptions: ABF

ABF looks correct.

ck19Options: ABF

ABF are correct

JJ_512Options: ABF

The botnet report enables you to use heuristic and behavior-based mechanisms to identify potential malware- or botnet-infected hosts in your network. To evaluate botnet activity and infected hosts, the firewall correlates user and network activity data in Threat, URL, and Data Filtering logs with the list of malware URLs in PAN-DB, known dynamic DNS domain providers, and domains registered within the last 30 days.

Mohamad_SeifeldineOptions: ACF

acf it should be acf

luismendes21Options: ABF

should be abf

LostatSeaOptions: ABF

ABF, To evaluate botnet activity and infected hosts, the firewall correlates user and network activity data in Threat, URL, and Data Filtering logs with the list of malware URLs in PAN-DB, known dynamic DNS domain providers, and domains registered within the last 30 days

f143c37Options: ABF

should be ABF