Correct:
C. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.
D. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.
FortiGate Security 7.2 Study Guide (p.350 & 352):
"In flow-based inspection mode, the IPS engine reads the payload of each packet, caches a local copy, and forwards the packet to the receiver at the same time. Because the file is ransmitted simultaneously, flow-based mode consumes more CPU cycles than proxy-based."
"Each protocol’s proxy picks up a connection and buffers the entire file first (or waits until the oversize limit is reached) before scanning. The client must wait for the scanning to finish."
Reference and download study guide:
https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
GeniusA
1 year, 4 months agoSlash_JM
1 year, 7 months agoraydel92
1 year, 8 months agoD1360_1304
1 year, 9 months agoBrandon534
1 year, 10 months agoerawemk
1 year, 10 months agoEggrolls
1 year, 10 months agoemacip23
2 years agolrnt
2 years, 1 month ago