Examine the FortiSandbox Scan Profile configuration shown in the exhibit, and then answer the following question:

Based on the configuration, which of the following statements are true? (Choose two.)

A. PDF files will be inspected in the WIN7X86VM)16 VM.

B. URLs submitted using JSON API will not be inspected.

C. HTM files submitted using the management GUI will be inspected.

D. DMG files will be inspected in the MACOSX VM.

Examine the FortiGate antivirus logs shown in the exhibit, than answer the following question:

Based on the logs shown, which of the following statements is correct? (Choose two.)

A. The fsa_dropper.exe file was blocked using a local black list entry.

B. The fsa_sample_1.exe file was not sent to FortiSandbox.

C. The eicar.exe file was blocked using a FortiGiard generated signature.

D. The fsa_downloader.exe file was not blocked by FortiGate.

FortiGate root VDOM is authorized and configured to send suspicious files to FortiSandbox for inspection. The administrator creates a new VDOM, and then generates some traffic so that the new VDOM sends a file to FortiSandbox for the first time.

Which of the following is true regarding this scenario?

A. FortiSandbox will accept the file, but not inspect it until the administrator manually configures the new VDOM on FortiSandbox.

B. FortiSandbox will inspect all files based on the root VDOM authorization state and configuration.

C. FortiSandbox will accept the file, but not inspect it until the administrator manually authorizes the new VDOM on FortiSandbox.

D. By default, FortiSandbox will autoauthorize the new VDOM, and inspect files as they are received.

Which of the advanced threat protection solutions should you use to protect against an attacker may take during the lateral movement stage of the kill chain? (Choose two.)

A. FortiClient and FortiSandbox

B. FortiMail and FortiSandbox

C. FortiGate and FortiSandbox

D. FortiWeb and FortiSandbox

Which of the following advanced threat protection are capable of preventing patient-zero infections? (Choose two.)

A. FortiWeb and FortiSandbox

B. FortiClient and FortiSandbox

C. FortiMail and FortiSandbox

D. FortiGate and FortiSandbox

FortiSandbox generates structured threat information exchange (STIX) packages for which of the following threats? (Choose two.)

A. Botnet connections

B. Malware

C. Intrusion attempts

D. Malicious URLs

Which threats can FortiSandbox inspect when it is deployed in sniffer mode? (Choose three.)

A. Spam emails

B. Known malware

C. Encrypted files

D. Malicious URLs

E. Botnet connections

Which of the following actions are performed by FortiSandbox at the static analysis stage?

A. All activity is monitored and recorded while the sample is executed in a virtual environment.

B. The sample's file type is determined and submitted into the appropriate scan job queue.

C. The sample behavior is analyzed and embedded objects are extracted for analysis.

D. Embedded attachments are scanned using the FortiGuard antivirus engine and the latest signature database.

Examine the FortiSandbox configuration on FortiMail shown in the exhibit, then answer the following question:

What does the Scan result expires in value specify?

A. How often the local scam results cache will expire on FortiMail.

B. How long FortiMail will wait to send a file or URI to FortiSandbox.

C. How long FortiMail will wait for a scan result from FortiSandbox.

D. How long FortiMail will query FortiSandbox for a scan result.

Which of the following are FortiWeb's roles when integrated with FortiSandbox? (Choose two.)

A. Share threat information

B. Prevent outbreaks

C. Generate a verdict

D. Block known threats