Posted by: Pdfprep
Post Date: May 7, 2021
A client has a sensitive application server in their data center and is particularly concerned about resource exhaustion because of distributed denial-of-service attacks.
How can the Palo Alto Networks NGFW be configured to specifically protect this server against resource exhaustion originating from multiple IP addresses (DDoS attack)?
A . Define a custom App-ID to ensure that only legitimate application traffic reaches the server.
B . Add a Vulnerability Protection Profile to block the attack.
C . Add QoS Profiles to throttle incoming requests.
D . Add a DoS Protection Profile with defined session count.
Answer: D
Explanation:
Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/dos-protection-profiles
Leave a Reply