NSE 4 – FortiGate 6.4 — Question 82
A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.
What is the reason for the failed virus detection by FortiGate?
Answer options
- A. Application control is not enabled
- B. SSL/SSH Inspection profile is incorrect
- C. Antivirus profile configuration is incorrect
- D. Antivirus definitions are not up to date
Correct answer: B
Explanation
The correct answer is B because if the SSL/SSH Inspection profile is not set up properly, FortiGate will not be able to inspect the encrypted HTTPS traffic for viruses. The other options may contribute to security issues, but they do not directly explain the failure to detect the virus in this specific scenario.