Which action and packet-capture setting for items of high severity and critical severity best matches Palo Alto Networks best practice?
The manager of the network security team has asked you to help configure the company’s Security Profiles according to Palo Alto Networks best practice. As part of that effort, the manager has assigned you the Vulnerability Protection profile for the internet gateway firewall.
Which action and packet-capture setting for items of high severity and critical severity best matches Palo Alto Networks best practice?
A. action ‘reset-both’ and packet capture ‘extended-capture’
B. action ‘default’ and packet capture ‘single-packet’
C. action ‘reset-both’ and packet capture ‘single-packet’
D. action ‘reset-server’ and packet capture ‘disable’
Answer: C
Explanation:
https://docs.paloaltonetworks.com/best-practices/10-2/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles
"Enable extended-capture for critical, high, and medium severity events and single-packet capture for low severity events."
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-security-profiles-vulnerability-protection