NSE 4 – FortiGate 7.0 — Question 64

Which three statements about a flow-based antivirus profile are correct? (Choose three.)

Answer options

• A. IPS engine handles the process as a standalone
• B. Flow-based inspection uses a hybrid of scanning modes available in proxy-based inspection.
• C. If the virus is detected, the last packet is delivered to the client.
• D. Optimized performance compared to proxy-based inspection.
• E. FortiGate buffers the whole file but transmits to the client simultaneously.

Correct answer: B, D, E

Explanation

Option B is correct because flow-based inspection indeed utilizes a mix of scanning modes from proxy-based inspection. Option D is also correct as flow-based inspection is designed for better performance compared to proxy-based methods. Option E is valid because FortiGate can buffer the full file while simultaneously transmitting it to the client, which enhances efficiency. Options A and C are incorrect as they do not accurately describe the behavior of flow-based antivirus profiles.