ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE8_812 All Questions

View all questions & answers for the NSE8_812 exam
Go to Exam

Exam NSE8_812 topic 1 question 31 discussion

Actual exam question from Fortinet's NSE8_812
Question #: 31
Topic #: 1
[All NSE8_812 Questions]

Which two statements are correct on a FortiGate using the FortiGuard Outbreak Protection Service (VOS)? (Choose two.)

  • A. The FortiGuard VOS can be used only with proxy-base policy inspections.
  • B. If third-party AV database returns a match the scanned file is deemed to be malicious.
  • C. The antivirus database queries FortiGuard with the hash of a scanned file
  • D. The AV engine scan must be enabled to use the FortiGuard VOS feature
  • E. The hash signatures are obtained from the FortiGuard Global Threat Intelligence database
Show Suggested Answer Hide Answer
Suggested Answer: CE 🗳️
by Viewable8041 at Sept. 5, 2023, 10:53 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pat1361
10 months, 3 weeks ago
Selected Answer: CD
quoting from docs.Fortinet "The hash signatures are obtained from external sources such as VirusTotal, Symantec, Kaspersky, and other third-party websites and services." so E is incorrect. C 100% correct E is correct because you enable VoS under the antivirus profile so AV engine must be enabled.
upvoted 1 times
...
ac89l
1 year, 4 months ago
Selected Answer: CE
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/889364/fortiguard-outbreak-prevention -Enabling the AV engine scan is not required to use this feature. -The hash signatures are obtained from FortiGuard's Global Threat Intelligence database
upvoted 2 times
ac89l
1 year, 4 months ago
A wrong: FortiGuard VOS can be used in both proxy-based and flow-based policy inspections across all supported protocols. B is suspicious and tricky: As If FortiGuard returns a match, the scanned file is deemed to be malicious, not if the "third-party AV database" returns a match, while on the other hand, the third-party malware hash signatures curated by FortiGuard. C 100% correct: The antivirus database queries FortiGuard with the hash of a scanned file D wrong: Enabling the AV engine scan is not required to use this feature. E 100% correct: The hash signatures are obtained from FortiGuard's Global Threat Intelligence database And all according to this: https://docs.fortinet.com/document/fortigate/7.4.2/administration-guide/889364/fortiguard-outbreak-prevention
upvoted 3 times
...
...
Golux
1 year, 5 months ago
CD The hashes are obtained from third party database
upvoted 2 times
...
Viewable8041
1 year, 9 months ago
Selected Answer: CE
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/889364/fortiguard-outbreak-prevention First paragraph
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel