outbound protection means that no request can go out from your PC unless it's been been explicitly requested and allowed by you (ie the programs you've allowed to,their limits etc...) and nothing else...like a trojan. That's the main purpose, how you control what your programs do when they connect, if you asked them to connect, or if an "accidentally" downloaded intruder is attempting to connect using hundreds of possible means. That's where your firewall outbound protection does its job, depending on how you've tweaked the interface (rules).
Now fortunately firewalls have modes doing much of that on their own, like being able to recognize the applications, and detect if something's wrong: predefined policies and rules, that can still be tweaked, are your friends.