Which profile or policy should be applied to protect against port scans from the internet?
A . An App-ID security policy rule to block traffic sourcing from the untrust zone
B . Security profiles to security policy rules for traffic sourcing from the untrust zone
C . Interface management profile on the zone of the ingress interface
D . Zone protection profile on the zone of the ingress interface
Answer: D