Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 260

To protect against illegal code execution, which Security profile should be applied?

Answer options

• A. Antivirus profile on allowed traffic
• B. Antivirus profile on denied traffic
• C. Vulnerability Protection profile on allowed traffic
• D. Vulnerability Protection profile on denied traffic

Correct answer: C

Explanation

The correct answer is C because applying a Vulnerability Protection profile on allowed traffic helps in identifying and blocking potential threats before they can execute. The other options either focus on antivirus profiles, which are less effective against code execution, or apply protections on denied traffic, which does not address the issue of allowed traffic that could be exploited.