- All Exams Instant Download
What inspections are executed by the IPS engine? (Choose three.)
What inspections are executed by the IPS engine? (Choose three.)A . Application controlB . Flow-based data leak preventionC . Proxy-based antispamD . Flow-based web filteringE . Proxy-based antivirusView AnswerAnswer: A,B,D
A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting.Games). Based on this configuration, which statement is true?
View the exhibit. A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting.Games). Based on this configuration, which statement is true?A . Addicting.Games is allowed based on the Application Overrides configuration.B . Addicting.Games is blocked based on the Filter Overrides configuration.C . Addicting.Games can be allowed only if...
Which statements about IP-based explicit proxy authentication are true? (Choose two.)
Which statements about IP-based explicit proxy authentication are true? (Choose two.)A . IP-based authentication is best suited to authenticating users behind a NAT device.B . Sessions from the same source address are treated as a single user.C . IP-based authentication consumes less FortiGate’s memory than session-based authentication.D . FortiGate remembers...
Which file names will match the *.tiff file name pattern configured in a data leak prevention filter? (Choose two.)
Which file names will match the *.tiff file name pattern configured in a data leak prevention filter? (Choose two.)A . tiff.tiffB . tiff.pngC . tiff.jpegD . gif.tiffView AnswerAnswer: A,D
Which statements about the output are correct?
Which statements about the output are correct? (Choose two.)A . FortiGate received a TCP SYN/ACK packet.B . The source IP address of the packet was translated to 10.0.1.10.C . FortiGate routed the packet through port 3.D . The packet was allowed by the firewall policy with the ID 00007fc0.View AnswerAnswer:...
Which statements about the output are true?
Examine this output from the diagnose sys top command: Which statements about the output are true? (Choose two.)A . sshd is the process consuming most memoryB . sshd is the process consuming most CPUC . All the processes listed are in sleeping stateD . The sshd process is using 123...
What does the configuration do?
What does the configuration do? (Choose two.)A . Reduces the amount of logs generated by denied traffic.B . Enforces device detection on all interfaces for 30 minutes.C . Blocks denied users for 30 minutes.D . Creates a session for traffic being denied.View AnswerAnswer: A,D
How does FortiGate select the central SNAT policy that is applied to a TCP session?
How does FortiGate select the central SNAT policy that is applied to a TCP session?A . It selects the SNAT policy specified in the configuration of the outgoing interface.B . It selects the first matching central-SNAT policy from top to bottom.C . It selects the central-SNAT policy with the lowest...
How do you configure a FortiGate to do traffic shaping of P2P traffic, such as BitTorrent?
How do you configure a FortiGate to do traffic shaping of P2P traffic, such as BitTorrent?A . Apply an application control profile allowing BitTorrent to a firewall policy and configure a traffic shaping policy.B . Enable the shape option in a firewall policy with service set to BitTorrent.C . Apply...
How does FortiGate look for a matching firewall policy to process traffic?
How does FortiGate look for a matching firewall policy to process traffic?A . From top to bottom, based on the sequence numbers.B . Based on best match.C . From top to bottom, based on the policy ID numbers.D . From lower to higher, based on the priority value.View AnswerAnswer: A
