Which two IP pool types are useful for carrier-grade NAT deployments? (Choose two.)
Which two IP pool types are useful for carrier-grade NAT deployments? (Choose two.) A. Port block allocation B. Fixed port range C. One-to-one D. OverloadView AnswerAnswer: A,B Explanation: The two IP pool types that are useful for carrier-grade NAT (CGNAT) deployments are: A. Port block allocation B. Fixed port range...
Based on the configuration, what will happen to Apple FaceTime?
Refer to the exhibit to view the application control profile. Based on the configuration, what will happen to Apple FaceTime?A . Apple FaceTime will be allowed, based on the Apple filter configuration.B . Apple FaceTime will be allowed, based on the Categories configuration.C . Apple FaceTime will be blocked, based...
Which two statements are true?
Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset.B . FortiGate devices are not in sync because one device is down.C . FortiGate SN FGVM010000064692...
Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers?
Refer to the exhibit. An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.) A. The Detection Mode setting is not set to Passive. B. Administrator didn't configure a gateway for the...
Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode? (Choose two.)
Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode? (Choose two.) A. FG-traffic B. Mgmt C. FG-Mgmt D. RootView AnswerAnswer: A,D Explanation: Root VDOM is created by default when VDOMs are enabled. configure on Fortigate: - captive portal authentication required - Authentication...
Which item can be selected in the firewall policy Destination field?
An administrator has configured central DNAT and virtual IPs. Which item can be selected in the firewall policy Destination field?A . An IP poolB . A VIP objectC . A VIP groupD . The mapped IP address object of the VIP objectView AnswerAnswer: D Explanation: - when central NAT is...
What are two configuration changes that the administrator can make to satisfy the requirement?
An administrator wants to block https://www.example.com/videos and allow all other URLs on the website. What are two configuration changes that the administrator can make to satisfy the requirement? (Choose two.)A . Configure web override for the URL and select a blocked FortiGuard subcategoryB . Enable full SSL inspectionC . Configure...
Which two behaviors result from this full (deep) SSL configuration?
View the exhibit. Which two behaviors result from this full (deep) SSL configuration? (Choose two.)A . The browser bypasses all certificate warnings and allows the connection.B . A temporary trusted FortiGate certificate replaces the server certificate, even when the server certificate is untrusted.C . A temporary trusted FortiGate certificate replaces...
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?A . FortiGate automatically negotiates different local and remote addresses with the remote peer.B . FortiGate automatically negotiates a new security association after the existing security association expires.C . FortiGate automatically negotiates different encryption and...
Which three methods can you use to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)
Which three methods can you use to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)A . Instant message appB . FortiTokenC . EmailD . Voicemail messageE . SMS text messageView AnswerAnswer: B,C,E Explanation: The three methods that can be used to deliver...