Skip to Content

Fortinet NSE4_FGT-7.2: Which order must FortiGate use when web filter profile has features such as safe search enabled

By: Author Alex Lim

Posted on

Categories Exam

Table of Contents

Question

The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile. Which order must FortiGate use when the web filter profile has features such as safe search enabled?

A. DNS-based web filter and proxy-based web filter
B. Static URL filter, FortiGuard category filter, and advanced filters
C. FortiGuard category filter and rating filter
D. Static domain filter, SSL inspection filter, and external connectors filters

Answer

B. Static URL filter, FortiGuard category filter, and advanced filters

Explanation

The correct answer is B. Static URL filter, FortiGuard category filter, and advanced filters.

The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile. The order is as follows:

  1. Static URL filter: This feature allows you to block or exempt specific URLs based on exact matches or wildcard patterns. You can also use this feature to override the FortiGuard category of a URL.
  2. FortiGuard category filter: This feature allows you to block or allow access to websites based on their categories, such as adult/mature content, education, or social networking. You can also use this feature to enable safe search for supported search engines, such as Google, Bing, and YouTube.
  3. Advanced filters: This feature allows you to apply additional filters based on the content type, file size, file extension, or MIME type of the HTTP response. You can also use this feature to enable content replacement, which replaces specific words or phrases in web pages with asterisks.

The other options are incorrect because:

  • A. DNS-based web filter and proxy-based web filter. These are not features of the web filter profile, but rather modes of operation for web filtering. DNS-based web filter uses DNS requests to block or allow access to websites based on their domains. Proxy-based web filter uses a proxy server to inspect the HTTP traffic and apply the web filter profile.
  • C. FortiGuard category filter and rating filter. Rating filter is not a feature of the web filter profile, but rather a service that provides ratings for websites based on their popularity and reputation. Rating filter can be used in conjunction with FortiGuard category filter to block or allow access to websites based on their ratings.
  • D. Static domain filter, SSL inspection filter, and external connectors filters. Static domain filter is not a feature of the web filter profile, but rather a separate profile that allows you to block or exempt specific domains based on exact matches or wildcard patterns. SSL inspection filter is not a feature of the web filter profile, but rather a separate profile that allows you to inspect encrypted HTTPS traffic and apply the web filter profile. External connectors filters are not a feature of the web filter profile, but rather a separate profile that allows you to integrate with external services, such as FortiSandbox or ICAP servers, to scan and analyze web content.

Fortinet NSE 4 – FortiOS 7.2 NSE4_FGT-7.2 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Fortinet NSE 4 – FortiOS 7.2 NSE4_FGT-7.2 exam and earn Fortinet NSE 4 – FortiOS 7.2 NSE4_FGT-7.2 certification.