PCNSE · Question #31
PCNSE Question #31: Real Exam Question with Answer & Explanation
Sign in or unlock PCNSE to reveal the answer and full explanation for question #31. The question stem and answer options stay visible for context.
Question
A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens thousands of bogus UDP connections per second to a single destination IP address and post. Which option when enabled with the correction threshold would mitigate this attack without dropping legitirnate traffic to other hosts insides the network?
Options
- AZone Protection Policy with UDP Flood Protection
- BQoS Policy to throttle traffic below maximum limit
- CSecurity Policy rule to deny trafic to the IP address and port that is under attack
- DClassified DoS Protection Policy using destination IP only with a Protect action
Unlock PCNSE to see the answer
You've previewed enough free PCNSE questions. Unlock PCNSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.