Fortinet Exam NSE8_812 Topic 5 Question 34 Discussion

Actual exam question for Fortinet's NSE8_812 exam

Question #: 34
Topic #: 5

[All NSE8_812 Questions]

Which two statements are correct on a FortiGate using the FortiGuard Outbreak Protection Service (VOS)? (Choose two.)

AThe FortiGuard VOS can be used only with proxy-base policy inspections.

BIf third-party AV database returns a match the scanned file is deemed to be malicious.

CThe antivirus database queries FortiGuard with the hash of a scanned file

DThe AV engine scan must be enabled to use the FortiGuard VOS feature

EThe hash signatures are obtained from the FortiGuard Global Threat Intelligence database.

Show Suggested Answer

Suggested Answer: C, E

c) The antivirus database queries FortiGuard with the hash of a scanned file. This is how the FortiGuard VOS service works. The FortiGate queries FortiGuard with the hash of a scanned file, and FortiGuard returns a list of known malware signatures that match the hash.

e) The hash signatures are obtained from the FortiGuard Global Threat Intelligence database. This is where the FortiGuard VOS service gets its hash signatures from. The FortiGuard Global Threat Intelligence database is updated regularly with new malware signatures.

by Kristeen at Sep 14, 2024, 10:49 PM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF