You receive notification about new malware that infects hosts through malicious files transferred by FTP.
Which Security profile detects and protects your internal networks from this threat after you update your firewall's threat signature database?
You receive notification about new malware that infects hosts through malicious files transferred by FTP.
Which Security profile detects and protects your internal networks from this threat after you update your firewall's threat signature database?
An Antivirus profile applied to inbound Security policy rules is designed to detect and protect against malware infections, including those spread through FTP transfers. The profile scans for various types of malware in multiple file types and can block threats effectively, especially when the firewall's threat signature database is updated. URL Filtering profiles are meant for controlling access to websites, Data Filtering profiles prevent data exfiltration, and Vulnerability Protection profiles safeguard against software exploits, none of which are directly related to blocking malware infections from FTP transfers.
Antivirus profiles protect against viruses, worms, and trojans as well as spyware downloads. Using a stream-based malware prevention engine, which inspects traffic the moment the first packet is received, the Palo Alto Networks antivirus solution can provide protection for clients without significantly impacting the performance of the firewall. This profile scans for a wide variety of malware in executables, PDF files, HTML and JavaScript viruses, including support for scanning inside compressed files and data encoding schemes. If you have enabled Decryption on the firewall, the profile also enables scanning of decrypted content. The default profile inspects all of the listed protocol decoders for viruses, and generates alerts for SMTP, IMAP, and POP3 protocols while blocking for FTP, HTTP, and SMB protocols.
The default Antivirus profile inspects all of the listed protocol decoders for malware, and generates alerts for SMTP, IMAP, and POP3 protocols while blocking for FTP, HTTP, and SMB protocols3. Therefore, the correct answer is C. Antivirus profile applied to inbound Security policy rules. Please note that the other profiles mentioned have different purposes: URL Filtering profile is used to control access to websites based on categories1. Data Filtering profile is used to prevent sensitive information from leaving the network1. Vulnerability Protection profile is used to protect against exploits that target software vulnerabilities1.