NSE 4 – FortiGate 7.0 — Question 5

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.
What is the reason for the failed virus detection by FortiGate?

Answer options

• A. Antivirus definitions are not up to date.
• B. SSL/SSH Inspection profile is incorrect.
• C. Antivirus profile configuration is incorrect.
• D. Application control is not enabled.

Correct answer: B

Explanation

The correct answer is B because FortiGate relies on SSL/SSH Inspection to decrypt HTTPS traffic for inspection. If the SSL/SSH Inspection profile is incorrect, it cannot properly inspect the HTTPS traffic for viruses. The other options do not address the specific issue of SSL inspection preventing virus detection.