Which profile must be applied to the Security policy rule to block spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers?
Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients.
...Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients...
(https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-anti-spyware)
...Anti-Spyware profiles blocks spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers, allowing you to detect malicious traffic leaving the network from infected clients...
(https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-anti-spyware)
Mostly because the admin will not know what websites the compromised hosts will communicate with so using the URL filtering profile will not be effective. The Anti Spyware sec profile however will sort you out fine, it's the chef's kiss in this situation!!!!
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
pcnsa_exam_taker
5 months agoawtsuritacuna
6 months, 2 weeks agoMcMarius11
7 months agoclaudio392
7 months agohdrnzienlaoroljol
9 months, 3 weeks agoKalender
10 months, 2 weeks agoDatITGuyTho1337
12 months agoDatITGuyTho1337
12 months ago