An engineer is configuring Packet Buffer Protection on ingress zones to protect from single-session DoS attacks. Which sessions does Packet Buffer Protection apply to?
A.
It applies to existing sessions and is not global
Indeed, the doc says "existing sessions and global", but in reality, PBP applies to existing and new sessions. PBP measures Connections per seconds and can drop packets of new sessions or discard existing sessions should they consume too many buffers. Basically, the doc is wrong, but for the PCNSE, we should of course answer "While zone and DoS protection apply to new sessions (connections) and are granular, Packet Buffer Protection applies to existing sessions and is global." If only globally applied, PBP drops packets using RED. When applied in a zone, it can also block (with the "block countdown threshold") for an amount of time
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/packet-buffer-protection
Yes, Buffer Protection can apply on each zone. But from doc it said "You must enable Packet Buffer Protection globally in order for it to be active in zones."
So there must be a global rule already being made. Thus I chose B.
Answer is B. Although you don’t configure Packet Buffer Protection in a Zone Protection profile or in a DoS Protection profile or policy rule, Packet Buffer Protection defends ingress zones. While zone and DoS protection apply to new sessions (connections) and are granular, Packet Buffer Protection applies to existing sessions and is global.
It Applied on existing sessions.
It is not Global, yes there is a global control but there is also a zone control, so it can be disabled on some zone.
Correct Answer is A
B correct answer. https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/zone-protection-and-dos-protection/zone-defense/packet-buffer-protection
upvoted 4 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
hcir
9 months agoJRKhan
1 year, 2 months agohifumi_daisuki
1 year, 3 months agoWhizdhum
1 year, 3 months agoRoamingFo
1 year, 4 months agoMocix
1 year, 5 months agoconfusion
2 years, 5 months agoTAKUM1y
2 years, 5 months agodatz
2 years, 5 months agokulpaddy
2 years, 6 months ago