ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4_FGT-6.4 All Questions

View all questions & answers for the NSE4_FGT-6.4 exam
Go to Exam

Exam NSE4_FGT-6.4 topic 1 question 87 discussion

Actual exam question from Fortinet's NSE4_FGT-6.4
Question #: 87
Topic #: 1
[All NSE4_FGT-6.4 Questions]

Which two statements about antivirus scanning mode are true? (Choose two.)

  • A. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client
  • B. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client
  • C. In proxy-based inspection mode, files bigger than the buffer size are scanned
  • D. In flow-based inspection mode, files bigger than the buffer size are scanned
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by phototrait at June 30, 2021, 7:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bubba808
Highly Voted 3 years, 10 months ago
Correct answer is A and B - Security Study Guide pg. 479 and 482
upvoted 16 times
...
AJDLM
Most Recent 2 years, 10 months ago
FortiGate Security 7.0 pp 485 & 488
upvoted 2 times
...
SandroAlex
3 years, 1 month ago
Selected Answer: AB
A e B são verdadeiras
upvoted 1 times
...
jamc1982
3 years, 1 month ago
Selected Answer: AB
A +B are the corrects
upvoted 1 times
...
darkangelinos
3 years, 1 month ago
A / B are are correct
upvoted 1 times
...
mrtim5700
3 years, 4 months ago
Selected Answer: AB
Regardless of flow or proxy mode, if the file is larger than the buffer, the file is not scanned.
upvoted 3 times
...
forti_Ctes
3 years, 7 months ago
A & B are correct for me
upvoted 3 times
...
vagedis
3 years, 7 months ago
page 492 security guide states the below. A + B are correct. An antivirus profile in full scan mode buffers up to your specified file size limit. The default is 10 MB. That is large enough for most files, except video files. If your FortiGate model has more RAM, you may be able to increase this threshold. Without a limit, very large files could exhaust the scan memory. So, this threshold balances risk and performance. Is this tradeoff unique to FortiGate, or to a specific model? No. Regardless of vendor or model, you must make a choice. This is because of the difference between scans in theory, that have no limits, and scans on real-world devices, that have finite RAM. In order to detect 100% of malware regardless of file size, a firewall would need infinitely large RAM—something that no device has in the real world. Most viruses are very small. This table shows a typical tradeoff. You can see that with the default 10 MB threshold, only 0.01% of viruses pass through.
upvoted 3 times
...
Akoladet
3 years, 7 months ago
Answer is A and D
upvoted 1 times
...
yadavarya97
3 years, 8 months ago
A & B is correct
upvoted 2 times
...
Jancy_111
3 years, 10 months ago
A & B is correct answer
upvoted 2 times
...
phototrait
3 years, 10 months ago
A & B is correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago