Log Forwarding—For easier management, forward DoS logs separately from other Threat logs directly to administrators via email and to a log server. - https://docs.paloaltonetworks.com/best-practices/dos-and-zone-protection-best-practices/dos-and-zone-protection-best-practices/deploy-dos-and-zone-protection-using-best-practices
Option A - "For easier management, use separate log forwarding profiles to forward DoS and zone threshold event logs separately from other Threat logs." Best Practices: https://docs.paloaltonetworks.com/best-practices/dos-and-zone-protection-best-practices/dos-and-zone-protection-best-practices/follow-post-deployment-dos-and-zone-protection-best-practices
Reviewing DoS (Denial of Service) threat activity in the Block Activity section of the ACC (Application Command Center) and looking for patterns of abuse is an important step in ensuring effective zone protection. By monitoring and analyzing DoS threat activity, you can identify potential attacks and take appropriate actions to mitigate them.
https://docs.paloaltonetworks.com/best-practices/dos-and-zone-protection-best-practices/dos-and-zone-protection-best-practices/follow-post-deployment-dos-and-zone-protection-best-practices
"For easier management, use separate log forwarding profiles to forward DoS and zone threshold event logs separately from other Threat logs."
is D because the kb says Log Forwarding—For easier management, forward DoS logs separately from other Threat logs directly to administrators via email and to a log server.
only for easier mgmt but the real thing here are the fw resources
A
Disabling zone protection because not enough resources is hardly best practices. Best practice would be to size the appliance accordingly in the first place and so make D obsolete. Then A is correct.
https://docs.paloaltonetworks.com/best-practices/dos-and-zone-protection-best-practices/dos-and-zone-protection-best-practices/deploy-dos-and-zone-protection-using-best-practices
Look this.
"Measure firewall performance to ensure it’s within acceptable norms and so you understand the effect of zone and DoS protection on firewall resources.
If the levels of zone and DoS protection (combined with other resource-consuming features such as decryption) consume too many firewall resources, the best practice is to scale up the resources rather than to compromise security."
So, the answer is not D. It's A.
annoyingly both A & B are included in the link:
https://docs.paloaltonetworks.com/best-practices/9-1/dos-and-zone-protection-best-practices/dos-and-zone-protection-best-practices/follow-post-deployment-dos-and-zone-protection-best-practices
https://docs.paloaltonetworks.com/best-practices/10-1/dos-and-zone-protection-best-practices/dos-and-zone-protection-best-practices/deploy-dos-and-zone-protection-using-best-practices
Log Forwarding—For easier management, forward DoS logs separately from other Threat logs directly to administrators via email and to a log server.
Review DoS threat activity (ACC - Threat Activity) and look for patterns of abuse. ?
correct is A
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0d2fdfa
6 months, 1 week ago34f7d3a
11 months, 2 weeks agoSammy3637
11 months, 2 weeks agoMetgatz
11 months, 2 weeks agoelectro165
1 year, 2 months agocertprep2021
1 year, 8 months agoDavid010989
1 year, 10 months agolol12
1 year, 11 months agoGoharam
2 years agoTAKUM1y
2 years agoTAKUM1y
2 years, 1 month agomysteryzjoker
2 years, 1 month agoFlipower
2 years agodatz
2 years, 1 month agoal12345
2 years, 2 months agonose999
2 years, 2 months agoal12345
2 years, 2 months ago