When investigatinglogs for upload attempts that were recently blocked due to sensitive information leaks, the appropriateSecurity Profileto query isData Filtering.

Why Data Filtering?Data Filtering is acontent inspection security profilewithin Palo Alto NetworksNext-Generation Firewalls (NGFWs)that detects and prevents the unauthorized transmission ofsensitive or confidential data. This security profile is designed to inspectfiles, text, and patternsin network traffic and block uploads that matchpredefined data patternssuch as:

Personally Identifiable Information (PII)– e.g., Social Security Numbers, Credit Card Numbers, Passport Numbers

Financial Data– e.g., Bank Account Numbers, SWIFT Codes

Health Information (HIPAA Compliance)– e.g., Patient Medical Records

Custom Data Patterns– Organizations can define proprietary data patterns for detection

Firewall Policy Application– The Data Filtering profile is attached to Security Policies that inspect file transfers (HTTP, FTP, SMB, SMTP, etc.).

Traffic Inspection– The firewall scans the payload forsensitive data patternsbefore allowing or blocking the transfer.

Alert and Block Actions– If sensitive data is detected in an upload, the firewall canalert,block, orquarantinethe file transfer.

Log Investigation– Security Administrators can analyzeThreat Logs (Monitor > Logs > Data Filtering Logs)to review:

File Name

Destination IP

Source User

Matched Data Pattern

Action Taken (Allowed/Blocked)

Firewall Deployment– Data Filtering is enforced at the firewall level to preventsensitive data exfiltration.

Security Policies– Configured to enforce Data Filtering rules based onbusiness-critical data classifications.

VPN Configurations– Ensures encrypted VPN traffic is also subject to data inspection to prevent insider data leaks.

Threat Prevention– Helps mitigate the risk ofdata theft, insider threats, and accidental exposureof sensitive information.

WildFire Integration– Data Filtering can work alongsideWildFireto inspect files foradvanced threats and malware.

Panorama– Providescentralized visibility and managementof Data Filtering logs across multiple firewalls.

Zero Trust Architectures– Aligns withZero Trustprinciples by enforcing strictcontent inspection and access control policiesto prevent unauthorized data transfers.

How Data Filtering Works in Firewall Logs?References to Firewall Deployment and Security Features:Thus, the correct answer isB. Data Filtering, as it directly pertains topreventing and investigating data leaksinupload attemptsblocked by the firewall.