PCNSA Question #308: Real Exam Question with Answer & Explanation

The correct answer is B: Anti-Spyware. DNS Security is configured within the Anti-Spyware threat profile in PAN-OS. This is because DNS-based threats - such as DNS tunneling, command-and-control (C2) communication via DNS, and data exfiltration - are classified as spyware behaviors. The Anti-Spyware profile contains a

Submitted by fatima_kr· Apr 18, 2026Managing Objects

Question

In which threat profile object would you configure the DNS Security service?

Options

AAntivirus
BAnti-Spyware
CWildFire
DURL Filtering

Explanation

DNS Security is configured within the Anti-Spyware threat profile in PAN-OS. This is because DNS-based threats - such as DNS tunneling, command-and-control (C2) communication via DNS, and data exfiltration - are classified as spyware behaviors. The Anti-Spyware profile contains a dedicated 'DNS Policies' section where DNS Security categories and actions are defined. Antivirus covers file-based malware, WildFire handles unknown file analysis, and URL Filtering controls web access - none of these manage DNS Security.

Topics

#DNS Security#Threat Profiles#Anti-Spyware Profile#Security Services

Community Discussion

No community discussion yet for this question.

Full PCNSA Practice Browse All PCNSA Questions