Which three methods can you use to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)

Which three methods can you use to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)A . Instant message appB . FortiTokenC . EmailD . Voicemail messageE . SMS text messageView AnswerAnswer: B,C,E Explanation: The three methods that can be used to deliver...

March 18, 2025 No Comments READ MORE +

Which two statements about incoming and outgoing interfaces in firewall policies are true? (Choose two.)

Which two statements about incoming and outgoing interfaces in firewall policies are true? (Choose two.)A . Only the "any" interface can be chosen as an incoming interface.B . An incoming interface is mandatory in a firewall policy, but an outgoing interface is optional.C . Multiple interfaces can be selected as...

March 18, 2025 No Comments READ MORE +

What two things does this raw log indicate?

View the exhibit. date=2022-06-14 time=14:45:16 logid=0317013312 type=utm subtype=webfilter eventtype=ftgd_allow level=notice vd="root" policyid=2 identidx=1 sessionid=31232959 user="anonymous" group="ldap_users" srcip=192.168.1.24 srcport=63355 srcintf="port2" dstip=66.171.121.44 dstport=80 dstintf="port1" service="http" hostname="www.fortinet.com" profiletype="Webfilter_Profile" profile="default" status="passthrough" reqtype="direct" url="/" sentbyte=304 rcvdbyte=60135 msg="URL belongs to an allowed category in policy" method=domain class=0 cat=140 catdesc="custom1" What two things does this raw log...

March 17, 2025 No Comments READ MORE +

What is causing this issue?

An administrator configured the antivirus profile in a firewall policy set to flow-based inspection mode. While testing the configuration, the administrator noticed that eicar.com test files can be downloaded using HTTPS protocol only. What is causing this issue?A . Hardware acceleration is in use.B . The test file is larger...

March 15, 2025 No Comments READ MORE +

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.) A. Proxy-based inspection B. Certificate inspection C. Flow-based inspection D. Full Content inspectionView AnswerAnswer: A,C Explanation: The two inspection modes that you can use to configure a firewall policy on...

March 14, 2025 No Comments READ MORE +

Which policy will be highlighted, based on the input criteria?

Refer to the exhibits. The exhibits show the firewall policies and the objects used in the firewall policies. The administrator is using the Policy Lookup feature and has entered the search criteria shown in the exhibit. Which policy will be highlighted, based on the input criteria?A . Policy with ID...

March 14, 2025 No Comments READ MORE +

What is the reason for the failed virus detection by FortiGate?

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the...

March 13, 2025 No Comments READ MORE +

What are two benefits of flow-based inspection compared to proxy-based inspection? (Choose two.)

What are two benefits of flow-based inspection compared to proxy-based inspection? (Choose two.) A. FortiGate uses fewer resources. B. FortiGate performs a more exhaustive inspection on traffic. C. FortiGate adds less latency to traffic. D. FortiGate allocates two sessions per connection.View AnswerAnswer: A,C Explanation: A. FortiGate uses fewer resources. C....

March 13, 2025 No Comments READ MORE +

Which two statements are true about collector agent standard access mode? (Choose two.)

Which two statements are true about collector agent standard access mode? (Choose two.) A. Standard mode uses Windows convention-NetBios: DomainUsername. B. Standard mode security profiles apply to organizational units (OU). C. Standard mode security profiles apply to user groups. D. Standard access mode supports nested groups.View AnswerAnswer: A,C Explanation: A....

March 11, 2025 No Comments READ MORE +

Which DPD mode on FortiGate will meet the above requirement?

An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for detecting dead tunnels. The requirement is that FortiGate sends DPD probes only when no traffic is observed in the tunnel. Which DPD mode on FortiGate will meet the above requirement?A . DisabledB . On DemandC . EnabledD...

March 8, 2025 No Comments READ MORE +