NSE 4 – FortiGate 7.2 — Question 25

Which three statements explain a flow-based antivirus profile? (Choose three.)

Answer options

• A. Flow-based inspection uses a hybrid of the scanning modes available in proxy-based inspection.
• B. If a virus is detected, the last packet is delivered to the client.
• C. The IPS engine handles the process as a standalone.
• D. FortiGate buffers the whole file but transmits to the client at the same time.
• E. Flow-based inspection optimizes performance compared to proxy-based inspection.

Correct answer: A, D, E

Explanation

The correct statements A, D, and E accurately describe the characteristics of flow-based antivirus profiles. A highlights the hybrid scanning approach, D points out the simultaneous buffering and transmission of files, and E emphasizes the performance benefits over proxy-based inspection. Option B is incorrect because typically, the last packet is not delivered to the client if malware is detected, and C is wrong as the IPS engine does not operate as a standalone in this context.