Palo_Alto_Networks
SSE-ENGINEER · Question #13
SSE-ENGINEER Question #13: Real Exam Question with Answer & Explanation
Sign in or unlock SSE-ENGINEER to reveal the answer and full explanation for question #13. The question stem and answer options stay visible for context.
Question
A malicious user is attempting to connect to a blocked website by crafting a packet using a fake SNI and the correct website in the HTTP host header. Which option will prevent this form of attack?
Options
- AAdvanced Threat Prevention option to block "Domain Fronting"
- BAdvanced URL Filtering and block the "Malicious Behavior" category
- CAdvanced URL Filtering and block "SNI mismatch with Server Certificate (SAN/CN)"
- DSSL Decryption to "Block sessions on SNI mismatch with Server Certificate (SAN/CN)"
Unlock SSE-ENGINEER to see the answer
You've previewed enough free SSE-ENGINEER questions. Unlock SSE-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.