A company is deploying FortiGate with Advanced Threat Protection (ATP) and wants to block advanced malware that uses encrypted C2 communications. Which security profile should be configured to perform SSL inspection and detect malicious traffic?
Trap 1: Data Leak Prevention profile
DLP prevents data exfiltration; it does not detect malware.
Trap 2: Web Filtering profile
Web filtering profiles do not inspect encrypted traffic unless SSL inspection is configured separately, and the primary profile for malware detection is antivirus.
Trap 3: Intrusion Prevention profile
IPS profiles detect exploits but do not decrypt traffic by themselves.
- A: Data Leak Prevention profile
Why wrong: DLP prevents data exfiltration; it does not detect malware.
- B: Antivirus profile with SSL inspection
Antivirus profiles can be configured with SSL inspection to detect malware in encrypted C2 traffic.
- C: Web Filtering profile
Why wrong: Web filtering profiles do not inspect encrypted traffic unless SSL inspection is configured separately, and the primary profile for malware detection is antivirus.
- D: Intrusion Prevention profile
Why wrong: IPS profiles detect exploits but do not decrypt traffic by themselves.