Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network?

PCNSE6 0 Comments

A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens of thousands of bogus UDP connections per second to a single destination IP address and port.

Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network?
A . Zone Protection Policy with UDP Flood Protection
B . Classified DoS Protection Policy using destination IP only with a Protect action
C . QoS Policy to throttle traffic below maximum limit
D . Security Policy rule to deny traffic to the IP address and port that is under attack

Answer: B

Reference: https://live.paloaltonetworks.com/docs/DOC-1746

Latest PCNSE6 Dumps Valid Version with 153 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PCNSE6 PDF     PCNSE6 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments