An administrator receives a notification about new malware that is being used to attack hosts. The malware exploits a software bug in a common application.
Which Security Profile will detect and block access to this threat after the administrator updates the firewall's threat signature database?
The correct Security Profile to detect and block access to the threat in this scenario is the Vulnerability Profile applied to inbound Security policy rules. Vulnerability Profiles are designed to detect and prevent exploits based on known software vulnerabilities. Since the malware exploits a software bug in a common application, applying a Vulnerability Profile on inbound traffic will help block attempts to exploit this particular vulnerability, protecting the hosts from the attack.
The correct answer is: A. Vulnerability Profile applied to inbound Security policy rules Vulnerability Profiles are used to detect and block exploits against known vulnerabilities in software applications. The administrator's notification indicated that the new malware exploits a software bug in a common application. By applying a Vulnerability Profile to inbound Security policy rules, the administrator can block all attempts to exploit this vulnerability, even if the malware is not yet known to the firewall's threat signature database.
I'm going with A on this one. https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-vulnerability-protection
A. You block the malware inbound from attacking your host using the common application.
A because B is for outbound policies
its inbound Traffic
I would go with B, as it is malware.