FCP – FortiGate Administrator 7.4 — Question 40

A network administrator enabled antivirus and selected an SSL inspection profile on a firewall policy.

When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the and does not block the file allowing it to be downloaded.

The administrator confirms that the traffic matches the configured firewall policy.

What are two reasons for the failed virus detection by FortiGate? (Choose two.)

Answer options

• A. The selected SSL inspection profile has certificate inspection enabled
• B. The browser does not trust the FortiGate self-signed CA certificate
• C. The EICAR test file exceeds the protocol options oversize limit
• D. The website is exempted from SSL inspection

Correct answer: A, D

Explanation

The correct answer A indicates that certificate inspection is enabled, which can prevent the FortiGate from properly inspecting SSL traffic. Option D is also correct as an exemption from SSL inspection would mean that the traffic is not analyzed for viruses. Options B and C do not directly cause the failure in virus detection in this scenario.