Given the screenshot, how did the firewall handle the traffic?
Given the screenshot, how did the firewall handle the traffic?
A . Traffic was allowed by policy but denied by profile as encrypted.
B. Traffic was allowed by policy but denied by profile as a threat.
C. Traffic was allowed by profile but denied by policy as a threat.
D. Traffic was allowed by policy but denied by profile as a nonstandard port.
Answer: B
Explanation:
The screenshot shows the threat log which records the traffic that matches a threat signature or is blocked by a security profile. The log entry indicates that the traffic was allowed by the security policy rule “Allow-All” but was denied by the vulnerability protection profile “strict” as a threat. The threat name is “Microsoft Windows SMBv1 Multiple Vulnerabilities (MS17-010: EternalBlue)” and the action is “reset-both” which means that the firewall reset both the client and server connections.
References: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields
Latest PCNSE Dumps Valid Version with 280 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund