nse5_fct-70 Exam - Question 14

The Answer Is C The FortiClient does not delete the file, it quarantines the file for its inspection, then after X days it is deleted

C is correct. Resources Folder is excluded in the Full Scan so B and D are false. If Full Scan detects infected file moves to the quarantine so A is false too.

among the options provided, the statement that aligns with typical FortiClient behavior is: C. FortiClient quarantines infected files and reviews them later after scanning them.

Resources folder is exclude,so it will not scan

Answer seems C not A Action On Virus Discovery Warn the User If a Process Attempts to Access Infected Files Quarantine Infected Files. You can use FortiClient to view, restore, or delete the quarantined file, as well as view the virus name, submit the file to FortiGuard, and view logs. Deny Access to Infected Files Ignore Infected Files

Should be B. See study Guide FCT7.0 p. 184 "If you want to exclude specific files or folders from the anti virus scan, but still want to perform an antivirus scan on the rest of the system, you can configure an exclusion list. The files and folders that you add to this list are excluded from antivirus scanning."

I correct my previous answer B. is false, it's not FortiClient that copies the file, the OS does it Answer is C

C is correct page 186

A. False = what is deleted in Full Scan are rootkits, while files are only scanned C. False= two choices when infected fiels is detected: deny access or quarantine. If choose quarantine, multiple options are possible including, restore, delete, submit to FortiGuard ...etc default action is not to rescan later D. False = the folder is in the exclusion list, files/folders added there are not scanned

Answer Is C