A network administrator is trying to prevent domain username and password submissions to phishing sites on some allowed URL categories.
Which set of steps does the administrator need to take in the URL Filtering profile to prevent credential phishing on the firewall?
To prevent credential phishing on the firewall, the administrator should choose the URL categories in the User Credential Submission column and set the action to block. Then, they should select the URL filtering settings and enable Domain Credential Filter. Finally, they should commit the changes. This approach ensures that credential phishing prevention is properly configured by taking advantage of the Domain Credential Filter, which verifies that the username maps to the IP address of the logged-in user.
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/prevent-credential-phishing/set-up-credential-phishing-prevention
A. "Select the user"
The answer is A. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/prevent-credential-phishing/set-up-credential-phishing-prevention#idc77030dc-6022-4458-8c50-1dc0fe7cffe4
This is a nasty question. The answer is A) It's not b or c as the IP option only works on username and question says password too. As far as I can tell A & D are identical. On my lab it says "use" rather than enable. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-security-profiles-url-filtering/user-credential-detection
A Configure the User Credential Detection settings. Under User Credential Detection, select a User Credential Detection method. Use IP User Mapping—Checks for valid corporate username submissions and verifies that the login username maps to the source IP address of the session. To do this, Prisma Access matches the submitted username and source IP address of the session against its IP-address-to-username mapping table. Use Domain Credential Filter—Checks for valid corporate username and password submissions and verifies that the username maps to the IP address of the logged-in user. Use Group Mapping—Checks for valid username submissions based on the user-to-group mapping table populated when you map users to groups. You can apply credential detection to any part of the directory or for specific groups that have access to your most sensitive applications, such as IT.
Credential phishing prevention works by scanning username and password submissions to websites and comparing those submissions to known corporate credentials. You can configure solutions that detect and prevent credential phishing using URL filtering profiles and User-ID agents.