ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 385 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 385
Topic #: 1
[All PCNSE Questions]

A network administrator notices there is a false-positive situation after enabling Security profiles. When the administrator checks the threat prevention logs, the related signature displays: threat type: spyware category: dns-c2 threat ID: 1000011111
Which set of steps should the administrator take to configure an exception for this signature?

  • A. Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select the signature exceptions tab and then click show all signatures Search related threat ID and click enable Change the default action Commit
  • B. Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select the Exceptions tab and then click show all signatures Search related threat ID and click enable Commit
  • C. Navigate to Objects > Security Profiles > Vulnerability Protection Select related profile Select the Exceptions tab and then click show all signatures Search related threat ID and click enable Commit
  • D. Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select DNS exceptions tabs Search related threat ID and click enable Commit
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by nose999 at Sept. 8, 2022, 11:40 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
millosz222
Highly Voted 2 years, 4 months ago
Selected Answer: D
100% D A. Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select the signature exceptions tab and then click show all signatures Search related threat ID and click enable Change the default action Commit there is no option to change default action only enable B. Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select the Exceptions tab and then click show all signatures Search related threat ID and click enable Commit there is no any tab for Exception only signature Exception or DNS exception C. Navigate to Objects > Security Profiles > Vulnerability Protection Select related profile Select the Exceptions tab and then click show all signatures Search related threat ID and click enable Commit for sure not vulnerability D. Navigate to Objects > Security Profiles > Anti-Spyware Select related profile Select DNS exceptions tabs Search related threat ID and click enable Commit
upvoted 9 times
jeremykebir
6 months ago
100% bro
upvoted 1 times
...
...
Tarek_ben_romdhane
Most Recent 2 months, 3 weeks ago
i think A
upvoted 1 times
...
Marshpillowz
11 months, 3 weeks ago
Selected Answer: D
D is correct
upvoted 1 times
...
Sammy3637
1 year, 1 month ago
Selected Answer: D
DNS Exceptions for sure !
upvoted 1 times
...
Metgatz
1 year, 1 month ago
Selected Answer: D
spyware category: dns-c2 - Option D
upvoted 1 times
...
djedeen
2 years ago
Selected Answer: D
D: Select Objects>Security Profiles>Anti-Spyware. Add or modify the Anti-Spyware profile from which you want to exclude the threat signature, and select DNS Exceptions. Search for the DNS Threat ID for the DNS signature that you want to exclude from enforcement and select the box of the applicable signature. . . https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/threat-prevention/create-threat-exceptions
upvoted 2 times
...
Sarbi
2 years ago
100 % d checked on the Panorama
upvoted 2 times
...
TAKUM1y
2 years, 2 months ago
Selected Answer: D
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/threat-prevention/create-threat-exceptions
upvoted 2 times
...
secdaddy
2 years, 3 months ago
agree D Step 3 here - DNS signatures are handled differently https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/create-threat-exceptions
upvoted 2 times
...
DrNick0
2 years, 4 months ago
Correct answer is A, enable a specific signature, change the default action from reset both to allow and commit. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClcrCAC
upvoted 1 times
...
juan_L
2 years, 4 months ago
Selected Answer: B
B - Easy: Just see GUI capture https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/dita/_graphics/9-1/threat-prevention/threat-exception-antispyware.png/jcr:content/renditions/original
upvoted 1 times
nose999
2 years, 4 months ago
I chose D as this threat in the question is specifically a DNS threat so you follow Step 3
upvoted 1 times
...
...
nose999
2 years, 4 months ago
Selected Answer: D
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/create-threat-exceptions
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago