FortiGate buffers the whole file, but transmits to the client simultaneously.
FortiGate buffers only a part of the file, and not transmits to the client simultaneously.
Pregunta 3
Pregunta
Flow-Based Inspection Mode—Full Scan Mode
Respuesta
When the last packet arrives, the AV engine starts the scan.
Files bigger than buffer size are not scanned—can enable logging of these files.
Packets are not delayed by scan—exceptlastpacket.
Lower perceived latency-data loads faster
When the first packet arrives, the AV engine starts the scan.
Files bigger than buffer size are scanned— can´t enable logging of these files.
Packets are not delayed by scan—except first packet.
Faster perceived latency-data loads lower
Pregunta 4
Pregunta
Flow-Based Inspection Mode—Full Scan Mode
Respuesta
If a virus is detected, the last packet is dropped and the connection is reset. If an identical request is made, the block replacement page is inserted immediately.
If a virus is detected, the first packet is dropped and the connection is reset. If an identical request is made, the block replacement page is inserted again.
Pregunta 5
Pregunta
When the antivirus profile is operating in proxy inspection mode, two scanning mode options are available
Respuesta
True
False
Pregunta 6
Pregunta
When the antivirus profile is operating in flow-based inspection mode, two scanning mode options are available:
Respuesta
full scan mode
quick scan mode
full scan mode
medium scan mode
Pregunta 7
Pregunta
Because the file is transmitted simultaneously, flow inspection mode scanning consumes more CPU cycles.
Regardless of which mode you use, the scan techniques give similar detection rates. How can you choose between the scan engines? If performance is your top priority:
Respuesta
then flow inspection mode is more appropriate. If security is your priority, proxy inspection mode—with client comforting disabled—is more appropriate.
then proxy inspection mode is more appropriate. If security is your priority, flow inspection mode—with client comforting disabled—is more appropriate.
Pregunta 10
Pregunta
Uses the IPS engine and embedded compact antivirus database
Faster, less memory usage because the file is not cached, but lower catching rate
Cannot send files to FortiSandbox for inspection
Cannot use advanced heuristics and mobile malware package
Respuesta
Quick Scan Mode Packet Flow
Full Scan Mode Packet Flow
Pregunta 11
Pregunta
The quick scan mode option is only available in proxy inspection mode.
Respuesta
True
False
Pregunta 12
Pregunta
Some entry-level FortiGate models don’t support quick scan flow-based inspection method.