Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
ADE
Flow-based inspection mode uses a hybrid of the scanning modes available in proxy-based inspection: the default scanning mode and the legacy scanning mode. Optimized performance compared to proxy-basedscanProxy-based. FortiGate buffers the whole file but transmits it to the client simultaneously. If a virus is detected, the last packet is dropped and the connection is reset.
D as formulate is definitely not a correct answer. FortiOS 7.2 Admin Guide Page 1086. You can read "When a firewall policy's inspection mode is set to flow, traffic flowing through the policy will not be buffered by the FortiGate". Below the link https://docs.fortinet.com/document/fortigate/7.2.0/administration-guide/659145
So, as C is not correct too, i think there is a mistake on the formulation of answer D which should be the correct answer.
A. Flow-based inspection uses a hybrid of the scanning modes available in proxy-based inspection.
D. FortiGate buffers the whole file but transmits to the client at the same time.
E. Flow-based inspection optimizes performance compared to proxy-based inspection.
Reference and download study guide:
https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html
A. Flow-based inspection uses a hybrid of the scanning modes available in proxy-based inspection. (correct)
B. If a virus is detected, the last packet is delivered to the client. (Wrong, if a virus is detected the packet is dropped and a RST packet is sent to client)
C. The IPS engine handles the process as a standalone.(since B and D are wrong, C must be correct)
D. FortiGate buffers the whole file but transmits to the client at the same time. (wrong, is flow-based inspection mode the fortigate does not buffer the packets, it delivers them to the client immediately. When the last packet arrives, FortiGate caches it and puts it on hold while performing AV scanning by the AV engine)
E. Flow-based inspection optimizes performance compared to proxy-based inspection. (correct)
A: Flow-based inspection mode uses a hybrid of the scanning modes available in proxy-based inspection
D: the IPS engine reads the payload of each packet, caches a local copy, and forwards the packet to the receiver at the same time. some operations can be offloaded to SPUs to improve performance (not C)
E: If performance is your top priority, then flow inspection mode is more appropriate.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MengtingLiang
2 weeks, 6 days agoLAFNELL
6 months, 3 weeks agoraydel92
8 months, 1 week agoVic2911
8 months, 2 weeks agoVic2911
8 months, 2 weeks agoSlash_JM
8 months, 2 weeks agoD1360_1304
9 months, 2 weeks agoDanny_B
12 months agoPaulGo
1 year, 1 month agoBoostBoris
1 year, 3 months agochromevandium11
1 year, 4 months ago