FCP – FortiGate Administrator 7.6 — Question 2

A network administrator enabled antivirus and selected an SSL inspection profile on a firewall policy.
When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and does not block the file, allowing it to be downloaded.
The administrator confirms that the traffic matches the configured firewall policy.
What are two reasons for the failed virus detection by FortiGate? (Choose two.)

Answer options

• A. The selected SSL inspection profile has certificate inspection enabled.
• B. The website is exempted from SSL inspection.
• C. The El CAR test file exceeds the protocol options oversize limit.
• D. The browser does not trust the FortiGate self-signed CA certificate.

Correct answer: A, B

Explanation

The correct answers are A and B. Answer A indicates that the SSL inspection profile may not be configured to properly inspect the certificate, preventing virus detection. Answer B suggests that the website could be exempt from SSL inspection, which would also result in the inability to scan the downloaded file for viruses. Options C and D are incorrect as they do not directly relate to the failure of virus detection in this scenario.