- All Exams Instant Download
Which one of the following processes is involved in updating IPS from FortiGuard?
Which one of the following processes is involved in updating IPS from FortiGuard?A . FortiGate IPS update requests are sent using UDP port 443.B . Protocol decoder update requests are sent to service.fortiguard.net.C . IPS signature update requests are sent to update.fortiguard.net.D . IPS engine updates can only be obtained...
Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)
Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)A . Lookup is done on the first packet from the session originatorB . Lookup is done on the last packet sent from the responderC . Lookup is done on every packet,...
Which of the following statements about converse mode are true? (Choose two.)
Which of the following statements about converse mode are true? (Choose two.)A . FortiGate stops sending files to FortiSandbox for inspection.B . FortiGate stops doing RPF checks over incoming packets.C . Administrators cannot change the configuration.D . Administrators can access the FortiGate only through the console port.View AnswerAnswer: A C
Which security profile’s configuration does not change when you enable policy-based inspection?
NGFW mode allows policy-based configuration for most inspection rules. Which security profile’s configuration does not change when you enable policy-based inspection?A . Web filteringB . AntivirusC . Web proxyD . Application controlView AnswerAnswer: B
Which statements about DNS filter profiles are true? (Choose two.)
Which statements about DNS filter profiles are true? (Choose two.)A . They can inspect HTTP traffic.B . They can redirect blocked requests to a specific portal.C . They can block DNS requests to known botnet command and control servers.D . They must be applied in firewall policies with SSL inspection...
Why did the FortiGate drop the packet?
Examine this output from a debug flow: Why did the FortiGate drop the packet?A . The next-hop IP address is unreachable.B . It failed the RPF check.C . It matched an explicitly configured firewall policy with the action DENE . It matched the default implicit firewall policy.View AnswerAnswer: D
If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does FortiGate take?
If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does FortiGate take?A . It notifies the administrator by sending an email.B . It provides a DLP block replacement page with a link to download the file.C . It blocks all future traffic for...
Which of the following static routes will satisfy this requirement on FGT1?
Examine the network diagram shown in the exhibit, and then answer the following question: A firewall administrator must configure equal cost multipath (ECMP) routing on FGT1 to ensure both port1 and port3 links are used at the same time for all traffic destined for 172.20.2.0/24. Which of the following static...
Which of the following statements are correct?
View the exhibit. Which of the following statements are correct? (Choose two.)A . This setup requires at least two firewall policies with the action set to IPsec.B . Dead peer detection must be disabled to support this type of IPsec setup.C . The TunnelB route is the primary route for...
Which of the following static routes will satisfy this requirement on FGT1?
Examine the network diagram shown in the exhibit, and then answer the following question: A firewall administrator must configure equal cost multipath (ECMP) routing on FGT1 to ensure both port1 and port3 links are used at the same time for all traffic destined for 172.20.2.0/24. Which of the following static...
