NSE4 Question #213: Real Exam Question with Answer & Explanation

The correct answer is A: TCP connection. The POP3 and IMAP proxies on a FortiGate inspect the content of email messages, including attachments, headers, and body, but do not directly inspect the underlying TCP connection itself.

Submitted by yuriko_h· Apr 18, 2026Security Profiles and Content Inspection

Question

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?

Options

ATCP connection
BFile attachments
CMessage headers
DMessage body

Explanation

The POP3 and IMAP proxies on a FortiGate inspect the content of email messages, including attachments, headers, and body, but do not directly inspect the underlying TCP connection itself.

Common mistakes.

B. File attachments are a primary target for inspection by POP3 and IMAP proxies, especially for antivirus and data loss prevention.
C. Message headers contain crucial information like sender, recipient, and subject, which are inspected by proxies for spam, phishing, and policy enforcement.
D. The message body contains the main content of the email and is thoroughly inspected for malware, spam, and sensitive information by the proxies.

Concept tested. POP3/IMAP proxy inspection scope

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/523930/proxy-inspection

Topics

#Email security#POP3/IMAP proxy#Content inspection#Application layer security

Community Discussion

No community discussion yet for this question.

Full NSE4 Practice Browse All NSE4 Questions