Valid PCNSE Dumps shared by ExamDiscuss.com for Helping Passing PCNSE Exam! ExamDiscuss.com now offer the newest PCNSE exam dumps, the ExamDiscuss.com PCNSE exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PCNSE dumps with Test Engine here:
A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens thousands of bogus UDP connections per second to a single destination IP address and post. Which option when enabled with the correction threshold would mitigate this attack without dropping legitirnate traffic to other hosts insides the network?
Correct Answer: D
Step 1: Configure a DoS Protection profile for flood protection. 1. Select Objects > Security Profiles > DoS Protection and Add a profile Name. 2. Select Classified as the Type. 3. For Flood Protection, select the check boxes for all of the following types of flood protection: * SYN Flood * UDP Flood * ICMP Flood * ICMPv6 Flood * Other IP Flood Step 2: Configure a DoS Protection policy rule that specifies the criteria for matching the incoming traffic. This step include: (Optional) For Destination Address, select Any or enter the IP address of the device you want to protect. https://www.paloaltonetworks.com/documentation/61/pan-os/pan-os/policy/configure-dos- protection-against-flooding-of-new-sessions