FCP_FGT_AD-7.4

How does FortiGate act when using SSL VPN in web mode?A . FortiGate acts as an FDS server.B . FortiGate acts as an HTTP reverse proxy.C . FortiGate acts as DNS server.D . FortiGate acts as router.View AnswerAnswer: B Explanation: B. FortiGate acts as an HTTP reverse proxy. When using...

Refer to the exhibit. Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP .Login.Failed signature to the IPS sensor profile?A . Traffic matching the signature will be silently dropped and logged.B . The signature setting uses a custom rating threshold.C . The...

Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.) A. udp-echo B. DNS C. TWAMP D. pingView AnswerAnswer: A,C Explanation: The correct answers are: A. udp-echo The udp-echo protocol option is available on the CLI for configuring...

Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.) A. The subject field in the server certificate B. The serial number in the server certificate C. The server name indication (SNI) extension in the client...

Which two statements about FortiGate antivirus databases are true? (Choose two.)A . The quick scan database is part of the normal database.B . The extreme database is available only on certain FortiGate models.C . The extended database is available on all FortiGate models.D . The extended database is available only...

Refer to the exhibit showing a debug flow output. What two conclusions can you make from the debug flow output? (Choose two.)A . The debug flow is for ICMP traffic.B . The default route is required to receive a reply.C . A new traffic session was created.D . A firewall...

Which two statements correctly describe the differences between IPsec main mode and IPsec aggressive mode? (Choose two.) A. The first packet of aggressive mode contains the peer ID, while the first packet of main mode does not. B. Main mode cannot be used for dialup VPNs, while aggressive mode can....

Which three actions are valid for static URL filtering? (Choose three.) A. Block B. Warning C. Shape D. Exempt E. AllowView AnswerAnswer: A,D,E Explanation: The correct actions for static URL filtering in FortiGate are: A. Block: This action blocks access to the specified URL or category. D. Exempt: This action...

Which statement is correct regarding the inspection of some of the services available by web applications embedded in third-party websites?A . The security actions applied on the web applications will also be explicitly applied on the third-party websites.B . The application signature database inspects traffic only from the original web...

Which statement correctly describes the use of reliable logging on FortiGate?A . Reliable logging is enabled by default in all configuration scenarios.B . Reliable logging is required to encrypt the transmission of logs.C . Reliable logging can be configured only using the CLI.D . Reliable logging prevents the loss of...