nerdexam
Palo_Alto_Networks

PSE-PLATFORM · Question #91

PSE-PLATFORM Question #91: Real Exam Question with Answer & Explanation

The correct answer is D. Classified DoS Protection Policy using destination IP only with a Protect action. Explanation/Reference: Step 1: Configure a DoS Protection profile for flood protection. 1. Select Objects > Security Profiles > DoS Protection and Add a profile Name. 2. Select Classified as the Type. 3. For Flood Protection, select the check boxes for all of the following types

Question

A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens thousands of bogus UDP connections per second to a single destination IP address and post. Which option when enabled with the correction threshold would mitigate this attack without dropping legitirnate traffic to other hosts insides the network?

Options

  • AZone Protection Policy with UDP Flood Protection
  • BQoS Policy to throttle traffic below maximum limit
  • CSecurity Policy rule to deny trafic to the IP address and port that is under attack
  • DClassified DoS Protection Policy using destination IP only with a Protect action

Explanation

Explanation/Reference: Step 1: Configure a DoS Protection profile for flood protection. 1. Select Objects > Security Profiles > DoS Protection and Add a profile Name. 2. Select Classified as the Type. 3. For Flood Protection, select the check boxes for all of the following types of flood protection: Step 2: Configure a DoS Protection policy rule that specifies the criteria for matching the incoming traffic. This step include: (Optional) For Destination Address, select Any or enter the IP address of the device you want to protect.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PSE-PLATFORM Practice