Refer to the exhibit Based on the configuration shown, in which two ways will FortiSASE process sessions that require FortiSandbox inspection? (Choose two answers)

A. Only endpoints assigned a profile for sandbox detection will be processed by the sandbox feature.
B. FortiClient quarantines only infected files that FortiSandbox detects as medium level.
C. All files executed on a USB drive will be sent to FortiSandbox for analysis.
D. All files will be sent to a on-premises FortiSandbox for inspection.

Correct Answer: A,C

Brave-Dump Clients Votes

BC 50%

AC 50%

Comments

Douglas Jordan 2025-11-07 15:57:37

Selected Answers: B, C

Correct Answer B,C
Because it is the default profile Answer A is incorrect or not applicable,
Answer B references the Sandbox Detection Verdict Level shown
Answer C shows References the settings shown
D there is no on-premise sandbox (stand-alone) per the screenshot

Lamis mohamed 2025-11-24 13:39:48

Selected Answers: A, C

Select the desired detection verdict level. For FortiClient to apply the action selected in the Action field to an infected file, FortiSandbox must detect the file as this level or higher. For example, if Action is configured as Quarantine and FortiSandbox Detection Verdict Level is configured as Medium, FortiClient quarantines all infected files that FortiSandbox detects as Medium or a higher level (High or Malicious). FortiClient does not quarantine files for which FortiSandbox returns a verdict below this level (Low Risk or Clean).
https://docs.fortinet.com/document/fortisase/latest/mature-administration-guide/259161/sandbox