FCP – FortiGate Administrator 7.4 — Question 22

Which two statements explain antivirus scanning modes? (Choose two.)

Answer options

• A. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.
• B. In flow-based inspection mode files bigger than the buffer size are scanned
• C. In proxy-based inspection mode files bigger than the buffer size are scanned
• D. In proxy-based inspection mode antivirus scanning buffers the whole file for scanning, before sending it to the client

Correct answer: A, D

Explanation

Option A is correct because flow-based inspection allows for simultaneous buffering and transmission of files. Option D is also correct as proxy-based inspection requires the entire file to be buffered before it is sent to the client. Options B and C are incorrect because they misstate the behavior of flow-based and proxy-based modes regarding files larger than the buffer size.