NSE 8 – Network Security Expert (812) — Question 70

Which two statements are correct on a FortiGate using the FortiGuard Outbreak Protection Service (VOS)? (Choose two.)

Answer options

• A. The FortiGuard VOS can be used only with proxy-base policy inspections.
• B. If third-party AV database returns a match the scanned file is deemed to be malicious.
• C. The antivirus database queries FortiGuard with the hash of a scanned file
• D. The AV engine scan must be enabled to use the FortiGuard VOS feature
• E. The hash signatures are obtained from the FortiGuard Global Threat Intelligence database

Correct answer: C, E

Explanation

Option C is correct because the antivirus database indeed queries FortiGuard with the hash of the scanned file to check for threats. Option E is also accurate since the hash signatures are derived from the FortiGuard Global Threat Intelligence database. The other options are incorrect; A is misleading about proxy requirements, B misinterprets the AV database's role, and D is incorrect as the AV engine scan does not need to be enabled for VOS to function.