Which statements about antivirus scanning mode are true? (Choose two.)
A. In proxy-based inspection mode antivirus buffers the whole file for scarring before sending it to the client.
B. In flow-based inspection mode, you can use the CLI to configure antivirus profiles to use protocol option profiles.
C. In proxy-based inspection mode, if a virus is detected, a replacement message may not be displayed immediately.
D. In quick scan mode, you can configure antivirus profiles to use any of the available signature data bases.
“In proxy Inspection Mode: buffers the whole file first”
“You can configure protocol options on the Proxy Options Page on the GUI or from the CLI”
Therefore A & B are correct!
C is wrong because:
“For antivirus scanning in proxy-based inspection mode (with client comforting disabled), the block replacement page is displayed immediately when a virus is detected”
Correct answer is A & B
A: Buffers the whole file, packets sent to the client after scan finishes-
B: When the antivirus profile is operanting in flow-based inspection mode, two scanning mode options are available: full scan mode and quick scan mode.(Normal extended, or extreme-depending on what is configured in the CLI).
A and B are correct.
C is wrong, see FortiGate_Security_6.2_Study_Guide-Online.pdf page 483 (proxy mode displays block message immediately if virus is detected).
D is wrong. Only full scan mode uses the full antivirus database. See FortiGate_Security_6.2_Study_Guide-Online.pdf page 477 and 480.
A&B are correct answers
The answer is A and B.
I think is A and B.
cause quick scan mode use just a compact antivirus database.