Examine the FortiGate antivirus logs shown in the exhibit, than answer the following question:

Based on the logs shown, which of the following statements is correct? (Choose two.)
A. The fsa_dropper.exe file was blocked using a local black list entry.
B. The fsa_sample_1.exe file was not sent to FortiSandbox.
C. The eicar.exe file was blocked using a FortiGiard generated signature.
D. The fsa_downloader.exe file was not blocked by FortiGate.
FortiGate root VDOM is authorized and configured to send suspicious files to FortiSandbox for inspection. The administrator creates a new VDOM, and then generates some traffic so that the new VDOM sends a file to FortiSandbox for the first time.
Which of the following is true regarding this scenario?
A. FortiSandbox will accept the file, but not inspect it until the administrator manually configures the new VDOM on FortiSandbox.
B. FortiSandbox will inspect all files based on the root VDOM authorization state and configuration.
C. FortiSandbox will accept the file, but not inspect it until the administrator manually authorizes the new VDOM on FortiSandbox.
D. By default, FortiSandbox will autoauthorize the new VDOM, and inspect files as they are received.
Which of the kill chain stages does Fortinet's advanced threat protection solution block? (Choose three.)
A. Command and control
B. Delivery
C. Reconnaissance
D. Lateral movement
E. Weaponization
Examine the Suspicious Indicators section of the scan job shown in the exhibit, then answer the following question:

Which FortiSandbox component identified the vulnerability exploits?
A. VM scan
B. Antivirus scan
C. Static analysis
D. Cache check
Which advanced threat protection integration solution should you use to protect against out-of-band attack vectors, such as USB drives, used during the delivery stage of the kill chain?
A. FortiGate and FortiSandbox
B. FortiMail and FortiSandbox
C. FortiWeb and FortiSandbox
D. FortiClient and FortiSandbox
Which of the following scan job report sections are generated by static analysis? (Choose two.)
A. Office Behaviors
B. Launched Processes
C. Registry Changes
D. Virtual Simulator
Examine the FortiClient configuration shown in the exhibit. then answer the following question:

What is the general rule you should follow when configuring the Timeout value for files submitted to FortiSandbox?
A. It should be long enough for FortiSandbox to complete an antivirus scan of files.
B. It should be long enough for FortiSandbox to complete a cloud query of file hashes.
C. It should be long enough for FortiSandbox to complete sandbox analysis of files.
D. It should be long enough for FortiSandbox to complete a static analysis of files.
Which threats can FortiSandbox inspect when it is deployed in sniffer mode? (Choose three.)
A. Spam emails
B. Known malware
C. Encrypted files
D. Malicious URLs
E. Botnet connections
What information does a scan job report include? (Choose two.)
A. Updates to the antivirus database
B. Summary of the file activity
C. Details about system files deleted of modified
D. Changes to the FortiSandbox configuration
Examine the virtual Simulator section of the scan job report shown in the exhibit, then answer the following question:

Based on the behavior observed by the virtual simulator, which of the following statements is the most likely scenario?
A. The file contained a malicious image file.
B. The file contained malicious JavaScript.
C. The file contained a malicious macro.
D. The file contained a malicious URL.