A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens thousands of bogus UDP connections per second to a single destination IP address and post.
Which option when enabled with the correction threshold would mitigate this attack without dropping legitirnate traffic to other hosts insides the network?
A . Zone Protection Policy with UDP Flood Protection
B . QoS Policy to throttle traffic below maximum limit
C . Security Policy rule to deny trafic to the IP address and port that is under attack
D . Classified DoS Protection Policy using destination IP only with a Protect action
Answer: D