What is the reason for the failed virus detection by FortiGate?

FCP_FGT_AD-7.4 0 Comments

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.

What is the reason for the failed virus detection by FortiGate?
A . Application control is not enabled
B . SSL/SSH Inspection profile is incorrect
C . Antivirus profile configuration is incorrect
D . Antivirus definitions are not up to date

Answer: B

Explanation:

B is correct as https traffic requires SSL decryption. Check the ssh inspection profile.

The likely reason for the failed virus detection by FortiGate when downloading the EICAR test file through HTTPS is:

B. SSL/SSH Inspection profile is incorrect

SSL certificate inspection (SSL/SSH inspection) is necessary for FortiGate to inspect encrypted traffic. If the SSL/SSH Inspection profile is not correctly configured or if there are issues with the SSL certificate used for inspection, the FortiGate device may not be able to inspect the contents of the encrypted HTTPS traffic, leading to a failure in virus detection.

So, the correct answer is B. SSL/SSH Inspection profile is incorrect.

"Full inspection is required"

Latest FCP_FGT_AD-7.4 Dumps Valid Version with 200 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download FCP_FGT_AD-7.4 PDF    FCP_FGT_AD-7.4 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments