Which component of FortiGate can block unwanted traffic based on signature analysis?

The correct answer is the Intrusion Prevention System (IPS) because this component is specifically designed to monitor network traffic for malicious activity and take action to block or prevent that traffic based on predefined signatures of known threats. Signatures are patterns derived from known malware and attack techniques, enabling the IPS to effectively identify and mitigate potential threats in real-time.

While other components play crucial roles in traffic management and security, their functions differ. For instance, Firewall Policies are primarily focused on permitting or denying traffic based on defined rules and not specifically on analyzing content for threats based on signature data. Application Control is geared towards managing applications and their usage rather than analyzing traffic for malicious signatures. Web Filtering helps restrict access to web content based on categories and URLs but is not involved in signature-based analysis. Therefore, IPS is the most appropriate choice for blocking unwanted traffic based on signature analysis, as it directly targets and neutralizes threats leveraging known attack patterns.