Valid C_HRHFC_2311 Dumps shared by ExamDiscuss.com for Helping Passing C_HRHFC_2311 Exam! ExamDiscuss.com now offer the newest C_HRHFC_2311 exam dumps, the ExamDiscuss.com C_HRHFC_2311 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com C_HRHFC_2311 dumps with Test Engine here:
Access C_HRHFC_2311 Dumps Premium Version
(184 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question
Question 85/85
Which two statements explain antivirus scanning modes? (Choose two.)
Correct Answer: B,C
An antivirus profile in full scan mode buffers up to your specified file size limit. The default is 10 MB. That is large enough for most files, except video files. If your FortiGate model has more RAM, you may be able to increase this threshold. Without a limit, very large files could exhaust the scan memory. So, this threshold balances risk and performance. Is this tradeoff unique to FortiGate, or to a specific model? No. Regardless of vendor or model, you must make a choice. This is because of the difference between scans in theory, that have no limits, and scans on real-world devices, that have finite RAM. In order to detect 100% of malware regardless of file size, a firewall would need infinitely large RAM--something that no device has in the real world. Most viruses are very small. This table shows a typical tradeoff. You can see that with the default 10 MB threshold, only 0.01% of viruses pass through.
FortiGate Security 7.2 Study Guide (p.350 & 352): "In flow-based inspection mode, the IPS engine reads the payload of each packet, caches a local copy, and forwards the packet to the receiver at the same time. Because the file is ransmitted simultaneously, flow-based mode consumes more CPU cycles than proxy-based." "Each protocol's proxy picks up a connection and buffers the entire file first (or waits until the oversize limit is reached) before scanning. The client must wait for the scanning to finish."
FortiGate Security 7.2 Study Guide (p.350 & 352): "In flow-based inspection mode, the IPS engine reads the payload of each packet, caches a local copy, and forwards the packet to the receiver at the same time. Because the file is ransmitted simultaneously, flow-based mode consumes more CPU cycles than proxy-based." "Each protocol's proxy picks up a connection and buffers the entire file first (or waits until the oversize limit is reached) before scanning. The client must wait for the scanning to finish."
- Question List (85q)
- Question 1: Refer to the exhibit. (Exhibit) A network administrator is t...
- Question 2: Which CLI command will display sessions both from client to ...
- Question 3: Which timeout setting can be responsible for deleting SSL VP...
- Question 4: Which two settings are required for SSL VPN to function betw...
- Question 5: Which two statements are true about the RPF check? (Choose t...
- Question 6: Refer to the exhibit to view the firewall policy Why would t...
- Question 7: Which two statements are correct about NGFW Policy-based mod...
- Question 8: Refer to the exhibit. (Exhibit) The global settings on a For...
- Question 9: Which two statements are correct regarding FortiGate HA clus...
- Question 10: Refer to the exhibit. (Exhibit) Given the routing database s...
- Question 11: Refer to the exhibit. (Exhibit) An administrator has configu...
- Question 12: Why does FortiGate keep TCP sessions in the session table fo...
- Question 13: Which two statements about FortiGate FSSO agentless polling ...
- Question 14: Refer to the exhibits. Exhibit A shows the application senso...
- Question 15: If the Services field is configured in a Virtual IP (VIP), w...
- Question 16: What inspection mode does FortiGate use if it is configured ...
- Question 17: Which two features of IPsec IKEv1 authentication are support...
- Question 18: Which of the following statements is true regarding SSL VPN ...
- Question 19: Refer to the exhibit. (Exhibit) An administrator is running ...
- Question 20: Which two statements describe how the RPF check is used? (Ch...
- Question 21: How can you disable RPF checking?...
- Question 22: Which statement is correct regarding the use of application ...
- Question 23: Refer to the exhibits. The exhibits show a network diagram a...
- Question 24: Which three authentication timeout types are availability fo...
- Question 25: Refer to the exhibit. (Exhibit) Which contains a network dia...
- Question 26: What are two benefits of flow-based inspection compared to p...
- Question 27: Refer to the exhibit. (Exhibit) The exhibit shows a diagram ...
- Question 28: An organization requires remote users to send external appli...
- Question 29: Which statement is correct regarding the security fabric?...
- Question 30: Which two statements are true about the FGCP protocol? (Choo...
- Question 31: Which statements about the firmware upgrade process on an ac...
- Question 32: Which two types of traffic are managed only by the managemen...
- Question 33: Which three CLI commands can you use to troubleshoot Layer 3...
- Question 34: 51 Which statement is correct regarding the inspection of so...
- Question 35: What are two features of collector agent advanced mode? (Cho...
- Question 36: An administrator has configured outgoing Interface any in a ...
- Question 37: Refer to the exhibit, which contains a session diagnostic ou...
- Question 38: Refer to the exhibit. The exhibit shows the FortiGuard Categ...
- Question 39: Which three options are the remote log storage options you c...
- Question 40: Refer to the exhibit. Refer to the web filter raw logs. (Exh...
- Question 41: A team manager has decided that, while some members of the t...
- Question 42: Which statement about the policy ID number of a firewall pol...
- Question 43: On FortiGate, which type of logs record information about tr...
- Question 44: Refer to the exhibit. (Exhibit) The exhibit contains a netwo...
- Question 45: An administrator configures FortiGuard servers as DNS server...
- Question 46: Which CLI command will display sessions both from client to ...
- Question 47: Refer to the exhibits. (Exhibit) Exhibit A shows system perf...
- Question 48: Refer to the exhibit. (Exhibit) Based on the raw log, which ...
- Question 49: Which two protocols are used to enable administrator access ...
- Question 50: Which of the following are valid actions for FortiGuard cate...
- Question 51: An administrator has a requirement to keep an application se...
- Question 52: Examine this output from a debug flow: (Exhibit) Why did the...
- Question 53: Which statements best describe auto discovery VPN (ADVPN). (...
- Question 54: Which CLI command allows administrators to troubleshoot Laye...
- Question 55: Refer to the exhibit. (Exhibit) The exhibit displays the out...
- Question 56: When a firewall policy is created, which attribute is added ...
- Question 57: Refer to the exhibit. (Exhibit) Based on the ZTNA tag, the s...
- Question 58: Why does FortiGate Keep TCP sessions in the session table fo...
- Question 59: Examine this PAC file configuration. Which of the following ...
- Question 60: Which feature in the Security Fabric takes one or more actio...
- Question 61: Refer to exhibit. An administrator configured the web filter...
- Question 62: Which three pieces of information does FortiGate use to iden...
- Question 63: An administrator needs to configure VPN user access for mult...
- Question 64: Refer to the exhibit showing a debug flow output. (Exhibit) ...
- Question 65: Which two inspection modes can you use to configure a firewa...
- Question 66: Which statement correctly describes the use of reliable logg...
- Question 67: An administrator is running the following sniffer command: W...
- Question 68: Which three statements explain a flow-based antivirus profil...
- Question 69: Refer to the exhibit. (Exhibit) In the network shown in the ...
- Question 70: Which two statements are correct regarding FortiGate FSSO ag...
- Question 71: What are two scanning techniques supported by FortiGate? (Ch...
- Question 72: Which two settings can be separately configured per VDOM on ...
- Question 73: View the exhibit. (Exhibit) Which of the following statement...
- Question 74: Which statement about the deployment of the Security Fabric ...
- Question 75: An administrator observes that the port1 interface cannot be...
- Question 76: Which statements best describe auto discovery VPN (ADVPN). (...
- Question 77: Which three statements are true regarding session-based auth...
- Question 78: What is a reason for triggering IPS fail open?...
- Question 79: Which two statements ate true about the Security Fabric rati...
- Question 80: Which of the following statements about backing up logs from...
- Question 81: What are two functions of ZTNA? (Choose two.)...
- Question 82: FortiGate is configured as a policy-based next-generation fi...
- Question 83: What is the limitation of using a URL list and application c...
- Question 84: Refer to the exhibit showing a debug flow output. (Exhibit) ...
- Question 85: Which two statements explain antivirus scanning modes? (Choo...
