Archives are unpacked and files and archives within are scanned separately. Decompressed files have a separate oversize limit. Limit can be configured for each protocol separately.
compressed archives are supported (default is 12 layers) maximum 100 usually.
compressed archives are supported (default is 21 layers) maximum 1000 usually.
compressed archives are supported (default is 100 layers) maximun 1000 usually.
What is the default scanning behavior for files over 10MB?
A. Allow the file without scanning.
B. Block all large files that exceed the buffer threshold.
How do you enable botnet protection?
A. Enable botnet scans under FortiSandbox configuration.
B. Enable botnet scans on external (WAN) facing interfaces.
FortiGate models that feature NTurbo (NP4 or NPS) can accelerate antivirus processing to enhance performance. SoC3 models also support NTurbo
Config ips global set np-accel-mode {none | basic } (Enable NTurbo acceleration
Config av global set np-accel-mode {none | basic } (Enable NTurbo acceleration
Can you use NTurbo hardware acceleration for proxy-based inspection mode antivirus scans?
Yes
No
What does the logging of oversized files option do?
A. Enables logging of all files that cannot be scanned due to oversize limit.
B. Logs all files that are over 5MB.
Run the real-time update debug to isolate update-related issues.
# diagnose debug application update -1 # diagnose debug enable # execute update-av
# diagnose debug av update -1 # diagnose debug enable # execute update-application
What TCP port is used to contact to FortiGuard servers for antivirus updates?
A. 53
B. 443