Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 49

You receive notification about new malware that is being used to attack hosts. The malware exploits a software bug in common application.
Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

Answer options

• A. Data Filtering Profile applied to outbound Security policy rules
• B. Antivirus Profile applied to outbound Security policy rules
• C. Data Filtering Profile applied to inbound Security policy rules
• D. Vulnerability Protection Profile applied to inbound Security policy rules

Correct answer: D

Explanation

The correct answer is D, as the Vulnerability Protection Profile is specifically designed to protect against threats exploiting software vulnerabilities. Options A and C, which focus on Data Filtering Profiles, do not address malware threats, while B pertains to antivirus measures that may not cover all software vulnerabilities.