Examice

Exam PCNSE All QuestionsBrowse all questions from this exam

Question 135

A client has a sensitive application server in their data center and is particularly concerned about session flooding because of denial-of-service attacks.

How can the Palo Alto Networks NGFW be configured to specifically protect this server against session floods originating from a single IP address?

Add an Anti-Spyware Profile to block attacking IP address

Define a custom App-ID to ensure that only legitimate application traffic reaches the server

Add QoS Profiles to throttle incoming requests

Add a tuned DoS Protection Profile

Correct Answer: D

To protect a sensitive application server against session floods originating from a single IP address, configuring a tuned DoS Protection Profile in the Palo Alto Networks Next-Generation Firewall (NGFW) is the most appropriate approach. This profile can be tailored to specifically detect and mitigate Denial-of-Service (DoS) attacks aimed at overwhelming the server's resources. It provides targeted protection against various types of session floods by setting threshold values and implementing specific policies to limit the impact of these attacks, ensuring that legitimate traffic can still reach the server while malicious traffic is filtered out.

Discussion

nicolasjiangOption: D

correct D

mattassOption: D

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmTCAS

Prutser2Option: D

answr d

woody_

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/zone-protection-and-dos-protection/zone-defense/dos-protection-profiles-and-policy-rules/dos-protection-profiles

MarshpillowzOption: D

D is correct

omgt2k2Option: D

https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/zone-protection-and-dos-protection/zone-defense/dos-protection-profiles-and-policy-rules#:~:text=DoS%20Protection%20policy%20rules%20determine,help%20defend%20against%20DoS%20attacks.