NSE 4 – FortiGate 6.4 — Question 39

What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall (NGFW)?

Answer options

• A. Full Content inspection
• B. Proxy-based inspection
• C. Certificate inspection
• D. Flow-based inspection

Correct answer: D

Explanation

Flow-based inspection is the correct answer because it allows for high-performance traffic processing by inspecting packets in real-time without buffering the entire session. Full Content inspection, Proxy-based inspection, and Certificate inspection are not suitable for policy-based NGFW setup as they involve different methodologies that could slow down performance or are not applicable in this context.