Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PSE-Platform Topic 1 Question 55 Discussion

Actual exam question for Palo Alto Networks's PSE Platform Exam exam
Question #: 55
Topic #: 1
[All PSE Platform Exam Questions]

Which configuration creates the most comprehensive ''best-practice'' Anti Spyware profile to prevent command and Control traffic?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Dong
5 months ago
I'm leaning towards option D, editing and deploying the Strict Anti-Spyware Profile seems like a good approach to me.
upvoted 0 times
...
Brandon
6 months ago
I disagree, I believe option A is better as it involves cloning the Strict Anti-Spyware Profile for a more comprehensive setup.
upvoted 0 times
...
Olive
6 months ago
I think option B is the best choice because it already includes DNS Sinkholing and Passive DNS Monitoring.
upvoted 0 times
...
Mattie
6 months ago
Haha, yeah, I can just imagine someone trying to use the Strict profile and then complaining that their machine is running like a snail. Better to start with the Default profile and add the good stuff on top. Although, I do wonder if there are any hidden gotchas with that approach that we're not considering.
upvoted 0 times
...
Evangelina
6 months ago
You know, I was initially drawn to option D, since the Strict profile already has those features enabled. But then I realized, if we're going for a 'best-practice' approach, cloning and customizing the profile might be better. That way, we can tailor it to our specific needs, rather than just blindly using the pre-configured one.
upvoted 0 times
Queenie
6 months ago
Yeah, you're right. It's better to customize and deploy a clone to maintain flexibility and avoid potential issues.
upvoted 0 times
...
Maybelle
6 months ago
C) Edit and deploy the Default Anti-Spyware Profile (DNS Sinkholing and Passive DNS Monitoring is already enabled)
upvoted 0 times
...
Fidelia
6 months ago
But wouldn't it be safer to clone and customize the profile instead of editing the strict one directly?
upvoted 0 times
...
Antione
6 months ago
D) Edit and deploy the Strict Anti-Spyware Profile Profile (DNS Sinkholing and Passive DNS Monitoring is already enabled)
upvoted 0 times
...
Nieves
6 months ago
That's a good point. Customizing the profile to fit our specific needs does seem like the best approach.
upvoted 0 times
...
Anabel
6 months ago
B) Clone the Default Anti-Spyware Profile and enable DNS Sinkholing and Passive DNS Monitoring, and deploy this customized clone
upvoted 0 times
...
Jeanice
6 months ago
A) Clone the Strict Anti-Spyware Profile, enable DNS Sinkholing and Passive DNS Monitoring, and deploy this customized clone
upvoted 0 times
...
...
Lennie
6 months ago
I agree with you on that. Option B seems like the sweet spot - we get the core anti-spyware protections, plus the added benefits of DNS Sinkholing and Passive DNS Monitoring. That should cover most of the common command and control traffic scenarios without being too heavy-handed.
upvoted 0 times
...
Emile
6 months ago
Hmm, this question seems a bit tricky. I'm not sure if cloning the Strict Anti-Spyware Profile is the best approach, as that might be overkill for some use cases. I'm leaning more towards option B, where we clone the Default profile and enable the additional features. That way, we get the best-practice settings without going overboard.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77