What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to work?

A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic. In addition, the remote peer does not support a dynamic DNS update service. What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to...

August 2, 2023 No Comments READ MORE +

When configuring a firewall virtual wire pair policy, which following statement is true?

When configuring a firewall virtual wire pair policy, which following statement is true?A . Any number of virtual wire pairs can be included, as long as the policy traffic direction is the same. B. Only a single virtual wire pair can be included in each policy. C. Any number of...

August 2, 2023 No Comments READ MORE +

A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface.

A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface. Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.A . The two VLAN sub interfaces can...

August 1, 2023 No Comments READ MORE +

Which three pieces of Information will be Included in me sniffer output?

An administrator is running the following sniffer command: Which three pieces of Information will be Included in me sniffer output? {Choose three.)A . Interface name B. Packet payload C. Ethernet header D. IP header E. Application headerView AnswerAnswer: A,B,D

August 1, 2023 No Comments READ MORE +

Which of the following statements are correct?

View the exhibit. Which of the following statements are correct? (Choose two.)A . This setup requires at least two firewall policies with the action set to IPsec. B. Dead peer detection must be disabled to support this type of IPsec setup. C. The TunnelB route is the primary route for...

August 1, 2023 No Comments READ MORE +

In which two ways can RPF checking be disabled? (Choose two )

In which two ways can RPF checking be disabled? (Choose two )A . Enable anti-replay in firewall policy. B. Disable the RPF check at the FortiGate interface level for the source check C. Enable asymmetric routing. D. Disable strict-arc-check under system settings.View AnswerAnswer: B D

August 1, 2023 No Comments READ MORE +

Which statement is correct regarding the use of application control for inspecting web applications?

Which statement is correct regarding the use of application control for inspecting web applications?A . Application control can identity child and parent applications, and perform different actions on them. B. Application control signatures are organized in a nonhierarchical structure. C. Application control does not require SSL inspection to identity web...

July 31, 2023 No Comments READ MORE +

Based on the information shown in the exhibit, what configuration change must the administrator make to fix the connectivity issue?

Refer to the exhibit. The exhibit shows a diagram of a FortiGate device connected to the network, the firewall policy and VIP configuration on the FortiGate device, and the routing table on the ISP router. When the administrator tries to access the web server public address (203.0.113.2) from the internet,...

July 30, 2023 No Comments READ MORE +

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)A . Proxy-based inspection B. Certificate inspection C. Flow-based inspection D. Full Content inspectionView AnswerAnswer: A,C

July 30, 2023 No Comments READ MORE +

What is the reason for the failed virus detection by FortiGate?

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the...

July 30, 2023 No Comments READ MORE +