In Panorama, which three reports or logs will help identify the inclusion of a host / source in a command-and-control (C2) incident? (Choose three.)
In Panorama, the three reports or logs that help to identify the inclusion of a host or source in a command-and-control (C2) incident are WildFire analysis reports, botnet reports (correcting the typo from 'hotnet reports'), and threat logs. WildFire analysis reports provide information on malware behavior and network activity, which is crucial for detecting C2 communication. Botnet reports identify compromised hosts within the network that might be part of a botnet, and threat logs contain logs of detected threats, including C2 traffic.
I don't think (B) Data Filtering is correct, because it is focused on preventing sensitive, confidential, and proprietary information from leaving the network. https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/security-profiles/set-up-data-filtering#id664a76a7-883b-442d-a73f-bba8e6a63366 In the Threat Logs Monitor, you can see Command and Control traffic.
Must be threat log too, we are talking about C2 traffic!
ABD because there is no "hotnet" anything with PAN firewalls and SaS has nothing to do with C2 traffic.
ACD are correct
C has a typo - should be 'Botnet reports'