confirm c https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-new-features/globalprotect-features/identification-and-quarantine-of-compromised-devices.html

After you identify a device as compromised (for example, if a device has been infected with malware and is performing command and control actions), you can manually add the device’s Host ID to a quarantine list and configure GlobalProtect to prevent users from connecting to the GlobalProtect gateway from a quarantined device. You can also automatically quarantine the device using security policies, log forwarding profiles, and log settings.

C https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/host-information/quarantine-devices-using-host-information/automatically-quarantine-a-device

Answer is C. Read the wording of the question and then find the answer here: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-new-features/globalprotect-features/identification-and-quarantine-of-compromised-devices.html

C is correct

Correct "C" https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/host-information/quarantine-devices-using-host-information/automatically-quarantine-a-device.html#idb42b2b82-b253-4be7-9840-1efa49dba3da

After you identify a device as compromised (for example, if a device has been infected with malware and is performing command and control actions), you can manually add the device’s Host ID to a quarantine list and configure GlobalProtect to prevent users from connecting to the GlobalProtect gateway from a quarantined device. You can also automatically quarantine the device using security policies, log forwarding profiles, and log settings. Both A and C kinda work.

Hi Team, the answer is A based on the KB below it even tells you that: 'you can manually add the device’s Host ID to a quarantine list and configure GlobalProtect to prevent users from connecting to the GlobalProtect gateway from a quarantined device'