Pass the Fortinet Fortinet Certified Professional Security Operations FCP_FSA_AD-5.0 Questions and answers with CertsForce

The best answer is B . The Study Guide explains that under VM settings, “FortiSandbox has a Browser selection that allows you to choose which internet browser the VM instance will use. This helps to customize the test using an internet browser that more closely resembles the user’s environment or just monitor if the test delivers different results.” It also states that the default browser choices are Internet Explorer, Firefox, Chrome, and Edge . In addition, the guide says that “The VM images provided by Fortinet might not suit your needs… You can generate a custom VM that fits your organization’s needs and upload it to FortiSandbox.”

Because only endpoints using Opera are affected, the clean verdict likely occurred because the sandbox environment does not accurately reproduce the exploited browser environment. The most effective fix is to make the sandbox environment match the real target environment more closely by using a custom VM with the same browser behavior as the affected endpoints. The other answers do not address the root cause. STIX/TAXII is unrelated, changing the scan profile file type does not solve a browser-specific exploit path, and job queue priority affects order, not analysis fidelity. Therefore, the required action is to configure a custom VM to use the same browser as the exploited end stations .

The FortiSandbox 5.0 Administrator Lab Guide explicitly states during the inline scanning configuration: “FortiGate and FortiSandbox communicate through port 4443. Management or API ports grant access through port 4443.” In the same exercise, the guide has you enable API access on port2 specifically so inline scanning can function, which confirms that the integration depends on FortiGate reaching FortiSandbox over TCP/4443 .

In this scenario, the intermediate firewall currently allows TCP/3389, UDP/53, and TCP/443, but not TCP/4443 . That is why inline scanning stopped working after the redesign. TCP/443 is not sufficient here because the documented FortiGate-to-FortiSandbox inline communication port is 4443 , not standard HTTPS 443. The other ports in the options do not match the inline-scanning communication requirement described in the uploaded lab materials. Therefore, the required fix is to allow FortiGate access to FortiSandbox on TCP/4443 .