A FortiGate root VDOM is authorized on FortiSandbox, and FortiGate is configured to send suspicious...

The uploaded FortiSandbox 5.0 Administrator Study Guide states that each VDOM is handled independently by FortiSandbox, not under the root VDOM’s authorization. It explicitly explains that “each VDOM is treated as a separate input device on FortiSandbox” and that each device must be authorized before FortiSandbox will process its submissions. It further adds that only when auto-authorization is enabled will FortiSandbox automatically authorize VDOMs as files are submitted.

Therefore, the new VDOM does not inherit the root VDOM’s authorized state. Since the question does not say that auto-authorization is enabled, FortiSandbox will not automatically trust or process that new VDOM as if it were already approved. This eliminates A and C. Option D is incorrect because the issue is not that the administrator must manually configure the VDOM on FortiSandbox; the study guide specifically identifies authorization as the required control. For that reason, B is the best answer: the new VDOM must be manually authorized before its submitted files are inspected.