15062804
Description
Quiz by Marcos Avila, updated more than 1 year ago
|
Created by Marcos Avila
over 5 years ago
|
|
Question 1
Question
Flow-Based Inspection Mode—Full Scan Mode
Answer
-
Uses the full antivirus database : Normal, extended, or extreme—depending on what is configured in the CLI
-
Uses the normal antivirus database : Normal, extended, or extreme—depending on what is configured in the CLI
Question 2
Question
Flow-Based Inspection Mode—Full Scan Mode (Select 2)
Answer
-
Optimized performance compare to proxy-based scan
-
Optimized performance compare to flow-based scan
-
FortiGate buffers the whole file, but transmits to the client simultaneously.
-
FortiGate buffers only a part of the file, and not transmits to the client simultaneously.
Question 3
Question
Flow-Based Inspection Mode—Full Scan Mode
Answer
-
When the last packet arrives, the AV engine starts the scan. Files bigger than buffer size are not scanned—can enable logging of these files. Packets are not delayed by scan—exceptlastpacket. Lower perceived latency-data loads faster
-
When the first packet arrives, the AV engine starts the scan. Files bigger than buffer size are scanned— can´t enable logging of these files. Packets are not delayed by scan—except first packet. Faster perceived latency-data loads lower
Question 4
Question
Flow-Based Inspection Mode—Full Scan Mode
Answer
-
If a virus is detected, the last packet is dropped and the connection is reset. If an identical request is made, the block replacement page is inserted immediately.
-
If a virus is detected, the first packet is dropped and the connection is reset. If an identical request is made, the block replacement page is inserted again.
Question 5
Question
When the antivirus profile is operating in proxy inspection mode, two scanning mode options are available
Answer
- True
- False
Question 6
Question
When the antivirus profile is operating in flow-based inspection mode, two scanning mode options are available:
Answer
-
full scan mode quick scan mode
-
full scan mode medium scan mode
Question 7
Question
Because the file is transmitted simultaneously, flow inspection mode scanning consumes more CPU cycles.
Answer
-
True
-
False
Question 8
Answer
-
Full scan
-
Quick scan
Question 9
Question
Regardless of which mode you use, the scan techniques give similar detection rates. How can you choose between the scan engines? If performance is your top priority:
Answer
-
then flow inspection mode is more appropriate. If security is your priority, proxy inspection mode—with client comforting disabled—is more appropriate.
-
then proxy inspection mode is more appropriate. If security is your priority, flow inspection mode—with client comforting disabled—is more appropriate.
Question 10
Question
Uses the IPS engine and embedded compact antivirus database
Faster, less memory usage because the file is not cached, but lower catching rate
Cannot send files to FortiSandbox for inspection
Cannot use advanced heuristics and mobile malware package
Answer
-
Quick Scan Mode Packet Flow
-
Full Scan Mode Packet Flow
Question 11
Question
The quick scan mode option is only available in proxy inspection mode.
Answer
- True
- False
Question 12
Question
Some entry-level FortiGate models don’t support quick scan flow-based inspection method.
Answer
- True
- False
Question 13
Answer
-
Quick scan
-
Full scan
Question 14
Answer
-
Proxy inspection mode
-
flow-based inspection mode
Question 15
Answer
-
Proxy Inspection Mode Packet Flow
-
Flow-based Inspection Mode Packet Flow
Question 16
Answer
-
Full flow-based Quick flow-based Proxy-based
-
Proxy-based Full flow-based Quick flow-based
-
Quick flow-based Proxy-based Full flow-based
Question 17
Question
What two scanning modes are available in flow-based inspection mode? 8.
Answer
-
A. Proxy and NGFW
-
B. Full and quick
Question 18
Question
What antivirus database does quick scan mode use?
Answer
-
A. Compact
-
B. Extended
Want to create your own Quizzes for free with GoConqr? Learn more.