Which Security profile generates an alert based on a threshold when the action is set to Alert?
Which Security profile generates an alert based on a threshold when the action is set to Alert?
DoS (Denial of Service) protection profiles are designed to monitor traffic for specific attack patterns and trigger alerts based on predefined thresholds. These profiles can measure the connections-per-second (CPS) to individual devices or groups of devices and generate an alert when the traffic volume reaches or exceeds the specified threshold. This functionality is critical for protecting against flooding attacks and other types of traffic anomalies that could disrupt network services.
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-security-profiles/actions-in-security-profiles
answer c imo
DOS Generates an alert when the attck vol. (CPS) reaches the Alarm threshold set in the profile. Study guide 92.
C is the answer
Answer should be Data Filter profile, but thats not an option the only other one it could be would be DOS protection profile as it has thresholds for alarm rates.
Answer= c DoS Protection profiles set thresholds that protect against new session IP flood attacks and provide resource protection (maximum concurrent session limits for specified endpoints and resources). DoS Protection profiles protect specific devices (classified profiles) and groups of devices (aggregate profiles) against SYN, UDP, ICMP, ICMPv6, and Other IP flood attacks. Configuring Flood Protection thresholds in a DoS Protection profile is similar to configuring Flood Protection in a Zone Protection profile, but Zone Protection profiles protect entire ingress zones, while DoS protection profiles and policy rules are granular and targeted, and can even be classified to a single device (IP address). The firewall measures the aggregate number of connections-per-second (CPS) to a group of devices (aggregate profile) or measures the CPS to individual devices (classified profile).