Refer to the exhibits. A web filter profile configuration and firewall policy configuration are shown. You are trying to access www.facebook.com, but you are redirected to a FortiGuard web filtering block page. Based on the exhibits, what is the possible cause of the issue? (Choose one answer)

A. The web filter profile feature set is configured incorrectly.
B. The web rating override configuration is incorrect.
C. The firewall policy inspection mode is incorrect.
D. For www.facebook.com, the URL filter action is incorrect.

Correct Answer: B

Brave-Dump Clients Votes

B 50%

C 37.5%

D 12.5%

Comments

javaughn Bryan 2025-08-28 23:59:07

Selected Answers: C

The most accurate answer is C. The firewall policy inspection mode is incorrect. It is incorrect for the chosen web filter profile.

Jay gabasa 2025-10-24 01:34:28

Selected Answers: D

The web filter profile allows Social Networking.

facebook.com appears under the Static URL Filter with Action = Monitor.

FortiGate still blocks it as Malicious Websites.

When the URL filter action is “Monitor,” FortiGate only logs the attempt but still enforces the FortiGuard rating — meaning FortiGuard’s default “Block” action remains active.
If the goal is to allow facebook.com, the URL filter must explicitly Allow it.

Therefore:

B is wrong because no web rating override exists.

D is right because the URL filter action (Monitor) is the incorrect configuration that caused the block.

Jo ROLD 2025-12-04 22:48:49

Selected Answers: B

B is the right answer.
On the Blocking Page we can see that www.facebook.com is categorized as "Malicious Website".
That means that there is a Web Category Override somewhere in the configuration where facebook.com has been manually categorized as Malicious Website

shaik zubair 2025-12-10 19:52:13

Selected Answers: C

The web filter profile is configured as Flow‑based (see “Feature set: Flow-based” in the profile).

The firewall policy, however, is set to Proxy‑based inspection.

In FortiOS, the feature set of the security profile must match the inspection mode of the policy; a flow‑based profile attached to a proxy‑based policy can lead to unexpected behavior, including FortiGuard default blocking instead of applying the intended URL filter settings to www.facebook.com.

So correct option is C

sospally 2025-12-17 08:12:30

Selected Answers: B

There is an override setting facebook.com to malicious.
C isn't right since a web filter inspection mode doesn't need to match a firewall policy inspection mode
D isn't correct either since although the doing it as Simple / www.facebook.com isn't a great way of doing it, it should still allow browsing directly to www.facebook.com as the question states.
A just doesn't make any sense.
So that leaves B. There must an override which we don't see in the question which is labeling facebook.com as malicious.

Brave-Dumps Admin 2025-12-17 11:23:39

Selected Answers: B

B is the correct one

Anonymous User 2026-02-23 15:40:11

Selected Answers: B

B is correct as the block page shows facebook.com as a category malicious websites. Facebook would never be categorised as this by Fortinet without a local web rating override setting this as malicious.

Anonymous User 2026-02-26 23:35:23

Selected Answers: C

C is correct because the Feature set in Web Filter must match Inspection Mode in the ACL