Where is information about packet buffer protection logged?
A . Alert entries are in the Alarms log. Entries for dropped traffic, discarded sessions, and blocked IP address are in the Threat log
B. All entries are in the System log
C. Alert entries are in the System log. Entries for dropped traffic, discarded sessions and blocked IP addresses are in the Threat log
D. All entries are in the Alarms log
Answer: C
Explanation:
The Palo Alto Networks firewall generates various types of logs, each serving a specific purpose:
The System log records events related to the health and functionality of the firewall itself, including critical alerts. If the firewall detects issues that could potentially impact the network’s security, it creates an entry in the System log.
The Threat log is responsible for tracking potential security risks detected by the firewall, such as dropped traffic, discarded sessions, and blocked IP addresses. These threats can include viruses, spyware, data leakage, and other vulnerabilities that could compromise the network’s security.
To understand packet buffer protection activities, you would primarily look at these two logs. System logs would provide information about system-wide issues and alerts, while the Threat log would provide detailed information about threats that resulted in dropped traffic, discarded sessions, or blocked IP addresses.
Latest PCNSE Dumps Valid Version with 280 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund