What is FortiGate’s behavior when local disk logging is disabled?

What is FortiGate’s behavior when local disk logging is disabled?A . Only real-time logs appear on the FortiGate dashboard.B . No logs are generated.C . Alert emails are disabled.D . Remote logging is automatically enabled.View AnswerAnswer: A

December 3, 2018 No Comments READ MORE +

What else is required for the CASI profile to work properly?

An administrator has blocked Netflix login in a cloud access security inspection (CASI) profile. The administrator has also applied the CASI profile to a firewall policy. What else is required for the CASI profile to work properly?A . You must enable logging for security events on the firewall policy.B ....

December 2, 2018 No Comments READ MORE +

What should be done next to troubleshoot the problem?

View the exhibit. The client cannot connect to the HTTP web server. The administrator run the FortiGate built-in sniffer and got the following output: What should be done next to troubleshoot the problem?A . Execute another sniffer in the FortiGate, this time with the filter “host 10.0.1.10”.B . Run a...

November 24, 2018 No Comments READ MORE +

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)A . The interface has been configured for one-arm sniffer.B . The interface is a member of a virtual wire pair.C . The operation mode is transparent.D ....

November 22, 2018 No Comments READ MORE +

A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface. However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?

An administrator has configured two VLAN interfaces: A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface. However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?A . Both interfaces must...

November 8, 2018 No Comments READ MORE +

Which of the following statements are true?

Which of the following statements are true? (Choose two.)A . Browsers can be configured to retrieve this PAC file from the FortiGate.B . Any web request to the 172.25.120.0/24 subnet is allowed to bypass the proxy.C . All requests not made to Fortinet.com or the 172.25.120.0/24 subnet, have to go...

November 6, 2018 No Comments READ MORE +

What is the effect of the Disconnect Cluster Member operation as shown in the exhibit?

View the exhibit. What is the effect of the Disconnect Cluster Member operation as shown in the exhibit? (Choose two.)A . The HA mode changes to standalone.B . The firewall policies are deleted on the disconnected member.C . The system hostname is set to the FortiGate serial number.D . The...

November 6, 2018 No Comments READ MORE +

An administrator has configured a dialup IPsec VPN with XAuth. Which method statement best describes this scenario?

An administrator has configured a dialup IPsec VPN with XAuth. Which method statement best describes this scenario?A . Only digital certificates will be accepted as an authentication method in phase 1.B . Dialup clients must provide a username and password for authentication.C . Phase 1 negotiations will skip pre-shared key...

November 5, 2018 No Comments READ MORE +

An administrator wants to configure a FortiGate as a DNS server. The FortiGate must use its DNS database first, and then relay all irresolvable queries to an external DNS server. Which of the following DNS method must you use?

An administrator wants to configure a FortiGate as a DNS server. The FortiGate must use its DNS database first, and then relay all irresolvable queries to an external DNS server. Which of the following DNS method must you use?A . Non-recursiveB . RecursiveC . Forward to primary and secondary DNSD...

November 1, 2018 No Comments READ MORE +

What traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

What traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)A . Traffic to inappropriate web sitesB . SQL injection attacksC . Server information disclosure attacksD . Credit card data leaksE . Traffic to botnet command and control (C&C) serversView AnswerAnswer: B,C,E

October 31, 2018 No Comments READ MORE +