nerdexam
ExamsNSE4Questions#192
FortinetFortinet

NSE4 · Question #192

NSE4 Question #192: Real Exam Question with Answer & Explanation

The correct answer is B: Virus scanning. File blocking rules are applied early in the FortiGate inspection process, specifically before resource-intensive deep content inspection like virus scanning.

Submitted by amina.ke· Apr 18, 2026Security Profiles and Content Inspection

Question

File blocking rules are applied before which of the following?

Options

  • AFirewall policy processing
  • BVirus scanning
  • CWeb URL filtering
  • DWhite/Black list filtering

Explanation

File blocking rules are applied early in the FortiGate inspection process, specifically before resource-intensive deep content inspection like virus scanning.

Common mistakes.

  • A. Firewall policy processing occurs earlier, determining if traffic is allowed to pass at all, and then subsequent security profiles (including file blocking) are applied if the policy permits.
  • C. Web URL filtering, while also a security profile, often occurs in parallel or after initial file blocking as it focuses on destination URLs rather than file content.
  • D. White/Black list filtering, such as for email or specific IP addresses, is a different type of filtering that doesn't directly relate to file content inspection order.

Concept tested. FortiGate traffic processing order

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/994488/traffic-processing-order

Topics

#File Blocking#Security Profiles#Inspection Order#UTM Features

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full NSE4 PracticeBrowse All NSE4 Questions