Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 41

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server.
Which security profile components will detect and prevent this threat after the firewall's signature database has been updated?

Answer options

• A. antivirus profile applied to outbound security policies
• B. data filtering profile applied to inbound security policies
• C. data filtering profile applied to outbound security policies
• D. vulnerability profile applied to inbound security policies

Correct answer: A

Explanation

The correct answer is A because an antivirus profile is designed to detect and mitigate malware threats, particularly in outbound traffic where the infected host attempts to connect to a C2 server. The other options do not focus on malware detection in outbound traffic; data filtering profiles are more about managing data types rather than detecting malware, and vulnerability profiles are related to identifying system weaknesses rather than real-time malware threats.