Palo Alto Networks
SECOPS-PRO Question #72: Real Exam Question with Answer & Explanation
Question
A Security Operations Center (SOC) is attempting to proactively identify and defend against an evolving spear-phishing campaign that uses novel techniques to deliver custom-built malware. The campaign appears to be sponsored by a nation-state. The SOC has access to WildFire, Unit 42 threat intelligence, and regularly queries VirusTotal. To build a robust defense strategy that includes both technical indicators and contextual understanding of the adversary, which of the following actions or integrations would provide the MOST comprehensive and actionable intelligence?
Options
- A. Relying solely on VirusTotal for file hash lookups and URL reputation checks to block known
- B. Submitting all suspicious email attachments to WildFire for immediate dynamic analysis and
- C. Configuring email gateways to block all attachments with a '.exe' extension, regardless of their
- D. Developing custom YARA rules based on open-source intelligence on similar campaigns and
- E. Implementing strict egress filtering to prevent any outbound connections on non-standard ports,