You have enabled a web filter security profile in a firewall policy to log all blocked websites. What options do you have to either actively or passively monitor these logs?

You have enabled a web filter security profile in a firewall policy to log all blocked websites. What options do you have to either actively or passively monitor these logs? (Choose two.) Response:A . Alert Message consoleB . FortiView menuC . Alert emailD . Monitor menuView AnswerAnswer: AC

January 22, 2019 No Comments READ MORE +

If antivirus, grayware, and heuristic scans are enabled on FortiGate, in which order does FortiGate apply the scanning?

If antivirus, grayware, and heuristic scans are enabled on FortiGate, in which order does FortiGate apply the scanning? Response:A . heuristics -> grayware -> antivirusB . antivirus -> grayware -> heuristicsC . antivirus -> heuristics -> graywareD . grayware -> antivirus -> heuristicsView AnswerAnswer: B

January 14, 2019 No Comments READ MORE +

Which of the following settings and protocols can be used to provide secure and restrictive administrative access to FortiGate?

Which of the following settings and protocols can be used to provide secure and restrictive administrative access to FortiGate? (Choose three.) Response:A . Trusted hostB . HTTPSC . Trusted authenticationD . SSHE . FortiTelemetryView AnswerAnswer: ABD

January 12, 2019 No Comments READ MORE +

How does FortiGate select the central SNAT policy that is applied to a TCP session?

How does FortiGate select the central SNAT policy that is applied to a TCP session? Response:A . It selects the SNAT policy specified in the configuration of the outgoing interface.B . It selects the first matching central-SNAT policy from top to bottom.C . It selects the central-SNAT policy with the...

January 6, 2019 No Comments READ MORE +

What methods can you use to back up logs?

What methods can you use to back up logs? (Choose three.) Response:A . SNMPB . USBC . SFTPD . TFTPE . FTPView AnswerAnswer: BDE

December 31, 2018 No Comments READ MORE +

Why must you use aggressive mode when a local FortiGate IPsec gateway hosts multiple dialup tunnels?

Why must you use aggressive mode when a local FortiGate IPsec gateway hosts multiple dialup tunnels? Response:A . The FortiGate is able to handle NATed connections only with aggressive mode.B . FortiClient supports aggressive mode.C . The remote peers are able to provide their peer IDs in the first message...

December 31, 2018 No Comments READ MORE +

Which statements are true of public key infrastracture (PKI) users on FortiGate?

Which statements are true of public key infrastracture (PKI) users on FortiGate? (Choose two.) Response:A . FortiGate must include the CA certificate that issued the PKI peer user certificate.B . PKI users can belong to firewall user groups.C . PKI users must authenticate with both a certificate and a password.D...

December 25, 2018 No Comments READ MORE +

Which statements about the output are true?

Examine this output from the diagnose sys top command: Which statements about the output are true? (Choose two.) Response:A . sshd is the process consuming most memoryB . sshd is the process consuming most CPUC . All the processes listed are in sleeping stateD . The sshd process is using...

December 19, 2018 No Comments READ MORE +

Which of the following statements about advanced AD access mode for the FSSO collector agent are true?

Which of the following statements about advanced AD access mode for the FSSO collector agent are true? (Choose two.) Response:A . FortiGate can act as an LDAP client to configure the group filters.B . It is only supported if DC agents are deployed.C . It supports monitoring of nested groups.D...

December 16, 2018 1 Comment READ MORE +

When a user attempts to connect to an HTTPS site, what is the expected result with this configuration?

View the exhibit. When a user attempts to connect to an HTTPS site, what is the expected result with this configuration? Response:A . The user is required to authenticate before accessing sites with untrusted SSL certificates.B . The user is presented with certificate warnings when connecting to sites that have...

December 12, 2018 No Comments READ MORE +