nerdexam
Palo_Alto_Networks

PSE-STRATA-PRO-24 · Question #8

PSE-STRATA-PRO-24 Question #8: Real Exam Question with Answer & Explanation

The correct answer is C. DNS Security. DNS Security (Answer C): DNS Security is the appropriate subscription for addressing threats over port 53. DNS tunneling is a common method used for data exfiltration, infiltration, and C2 activities, as it allows malicious traffic to be hidden within legitimate DNS queries. The

Question

A prospective customer is concerned about stopping data exfiltration, data infiltration, and command-and-control (C2) activities over port 53. Which subscription(s) should the systems engineer recommend?

Options

  • AThreat Prevention
  • BApp-ID and Data Loss Prevention
  • CDNS Security
  • DAdvanced Threat Prevention and Advanced URL Filtering

Explanation

DNS Security (Answer C): DNS Security is the appropriate subscription for addressing threats over port 53. DNS tunneling is a common method used for data exfiltration, infiltration, and C2 activities, as it allows malicious traffic to be hidden within legitimate DNS queries. The DNS Security service applies machine learning models to analyze DNS queries in real-time, block malicious domains, and prevent tunneling activities. It integrates seamlessly with the NGFW, ensuring advanced protection against DNS-based threats without requiring additional infrastructure.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PSE-STRATA-PRO-24 Practice