New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet FCP_FGT_AD-7.6 Exam - Topic 2 Question 2 Discussion

Actual exam question for Fortinet's FCP_FGT_AD-7.6 exam
Question #: 2
Topic #: 2
[All FCP_FGT_AD-7.6 Questions]

A network administrator enabled antivirus and selected an SSL inspection profile on a firewall policy.

When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and does not block the file, allowing it to be downloaded.

The administrator confirms that the traffic matches the configured firewall policy.

What are two reasons for the failed virus detection by FortiGate? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, D

by Gail at Jul 07, 2025, 03:46 PM

Limited Time Offer

25%

Off

Get Premium FCP_FGT_AD-7.6 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Junita
2 months ago
I doubt it's C; EICAR is usually small enough to handle.
upvoted 0 times
...
Pearly
2 months ago
Definitely agree with B! Some sites just slip through.
upvoted 0 times
...
Andree
3 months ago
Wait, how can it not detect a virus? That’s surprising!
upvoted 0 times
...
Dierdre
3 months ago
A is also a possibility, but I lean towards B and D.
upvoted 0 times
...
Ashanti
3 months ago
I think it's B and D. Exemptions can mess things up.
upvoted 0 times
...
Claribel
3 months ago
I thought if the SSL inspection profile had certificate inspection enabled, it would still work. But maybe the exemption is the key issue here.
upvoted 0 times
...
Desirae
4 months ago
I'm not entirely sure, but I feel like the EICAR file might be too large for the protocol options limit. That could explain the detection failure.
upvoted 0 times
...
Gwenn
4 months ago
I think I saw a similar question in practice where the issue was related to the self-signed certificate. Could that be why the browser isn't detecting the virus?
upvoted 0 times
...
Leah
4 months ago
I remember something about SSL inspection needing to be properly configured for it to work. Maybe the website is exempted from inspection?
upvoted 0 times
...
Crissy
4 months ago
Ah, I see what's going on here. The SSL inspection profile is likely the culprit, and the website being exempted from SSL inspection could also be a factor. I'll make sure to cover those two points in my answer.
upvoted 0 times
...
Marcos
4 months ago
Okay, I think I've got a good handle on this. The key is understanding how SSL inspection works and the potential issues that can arise with certificate trust. I'll make sure to thoroughly explain my reasoning.
upvoted 0 times
...
Santos
5 months ago
Hmm, the question is pretty straightforward, but I'm not entirely sure about the SSL inspection profile and how that might impact the virus detection. I'll need to review that part carefully.
upvoted 0 times
...
Francis
5 months ago
This seems like a tricky one. I'll need to carefully consider the options and think through the possible reasons for the failed virus detection.
upvoted 0 times
...
Rosio
6 months ago
Haha, the EICAR test file, really? Who downloads that thing anyway? Trying to hack the system or something?
upvoted 0 times
...
Meaghan
6 months ago
I bet the IT guy who set this up was just like, 'Ah, it'll be fine. What could go wrong?' and now look at us. Classic tech move right there.
upvoted 0 times
...
Mira
7 months ago
I'm gonna go with A and B. Gotta cover all the bases, you know? SSL inspection can be tricky stuff.
upvoted 0 times
...
Rikki
7 months ago
D seems like a good option too. If the browser doesn't trust the FortiGate's self-signed certificate, that could definitely cause issues with the SSL inspection.
upvoted 0 times
Dorthy
5 months ago
A) The selected SSL inspection profile has certificate inspection enabled.
upvoted 0 times
...
...
Matthew
7 months ago
Hmm, I think it's probably B. The website is exempted from SSL inspection. That would explain why the virus isn't detected on HTTPS.
upvoted 0 times
Leoma
5 months ago
C: I agree with B. The website being exempted from SSL inspection makes sense.
upvoted 0 times
...
Nicholle
5 months ago
B: Maybe it's D. The browser does not trust the FortiGate self-signed CA certificate.
upvoted 0 times
...
Orville
6 months ago
A: I think it could be A. The selected SSL inspection profile has certificate inspection enabled.
upvoted 0 times
...
...
Ardella
7 months ago
I'm not sure about B and C. Could it be that the website is exempted from SSL inspection?
upvoted 0 times
...
Gerald
7 months ago
I agree with Paulina. Another reason could be D, the browser does not trust the FortiGate self-signed CA certificate.
upvoted 0 times
...
Paulina
7 months ago
I think the reason could be A, the SSL inspection profile has certificate inspection enabled.
upvoted 0 times
...

Save Cancel