Exam PCNSE topic 1 question 328 discussion

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/prevent-credential-phishing/set-up-credential-phishing-prevention

Answer is A, just verified in lab environment.

A Configure the User Credential Detection settings. Under User Credential Detection, select a User Credential Detection method. Use IP User Mapping—Checks for valid corporate username submissions and verifies that the login username maps to the source IP address of the session. To do this, Prisma Access matches the submitted username and source IP address of the session against its IP-address-to-username mapping table. Use Domain Credential Filter—Checks for valid corporate username and password submissions and verifies that the username maps to the IP address of the logged-in user. Use Group Mapping—Checks for valid username submissions based on the user-to-group mapping table populated when you map users to groups. You can apply credential detection to any part of the directory or for specific groups that have access to your most sensitive applications, such as IT.

Credential phishing prevention works by scanning username and password submissions to websites and comparing those submissions to known corporate credentials. You can configure solutions that detect and prevent credential phishing using URL filtering profiles and User-ID agents.

A. "Select the user"

The answer is A. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/prevent-credential-phishing/set-up-credential-phishing-prevention#idc77030dc-6022-4458-8c50-1dc0fe7cffe4

This is a nasty question. The answer is A) It's not b or c as the IP option only works on username and question says password too. As far as I can tell A & D are identical. On my lab it says "use" rather than enable. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-security-profiles-url-filtering/user-credential-detection