NSE4 Question #218: Real Exam Question with Answer & Explanation

The correct answer is A: Application Control is based on the IPS engine.. Application Control utilizes the IPS engine for application identification and can inspect SSL encrypted traffic when SSL inspection is enabled on the FortiGate.

Submitted by rania.sa· Apr 18, 2026Security Profiles and Content Inspection

Question

Which of the following statements are correct regarding Application Control?

Options

AApplication Control is based on the IPS engine.
BApplication Control is based on the AV engine.
CApplication Control can be applied to SSL encrypted traffic.
DApplication Control cannot be applied to SSL encrypted traffic.

Explanation

Application Control utilizes the IPS engine for application identification and can inspect SSL encrypted traffic when SSL inspection is enabled on the FortiGate.

Common mistakes.

B. Application Control is distinct from the Antivirus (AV) engine; while both are security services, they serve different purposes-AV for malware detection, Application Control for traffic classification and policy enforcement.
D. This statement contradicts the capability of FortiGate with SSL inspection; Application Control can indeed be applied to SSL encrypted traffic when decryption is performed.

Concept tested. Application Control engine and SSL inspection

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/523930/application-control

Topics

#Application Control#Security Profiles#IPS Engine#SSL Inspection

Community Discussion

No community discussion yet for this question.

Full NSE4 Practice Browse All NSE4 Questions