Which profile must be applied to the Security policy rule to block spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers?
Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients.
...Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients...
(https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-anti-spyware)
...Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients...
(https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-anti-spyware)
Mostly because the admin will not know what websites the compromised hosts will communicate with so using the URL filtering profile will not be effective. The Anti Spyware sec profile however will sort you out fine, it's the chef's kiss in this situation!!!!
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
pcnsa_exam_taker
2 months, 3 weeks agoawtsuritacuna
4 months, 1 week agoMcMarius11
4 months, 2 weeks agoclaudio392
4 months, 3 weeks agohdrnzienlaoroljol
7 months, 1 week agoKalender
8 months agoDatITGuyTho1337
9 months, 2 weeks agoDatITGuyTho1337
9 months, 2 weeks ago