Which statements about DNS filter profiles are true? (Choose two.)
A. They can inspect HTTP traffic.
B. They must be applied in firewall policies with SSL inspection enabled.
C. They can block DNS request to known botnet command and control servers.
D. They can redirect blocked requests to a specific portal.
CD
Pag 374
FortiGate_Infrastructure_6.0_Study_Guide_v2
I think you want to say Security guide note the infra 😉
You also have the option to:
• Block DNS requests to known botnet command and control
• Allow DNS requests when a rating error occurs from the FortiGuard web filter service
• Redirect blocked requests to a specific portal (the Use FortiGuard Default setting is recommended)