by a FortiGate in NAT /Route mode, when searching for a suitable gateway?
If there are no changes in the routing table and in the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate in NAT /Route mode, when searching for a suitable gateway?A . A lookup is done only when the first packet...
What statements are true regarding the sessions that the master unit is offloading to the slave unit for inspection?
Two FortiGate units with NP6 processors form an active-active cluster. The cluster is doing security profile (UTM) inspection over all the user traffic. What statements are true regarding the sessions that the master unit is offloading to the slave unit for inspection? (Choose two.)A . They are offloaded to the...
Which operation mode is the best choice for these requirements?
Acme Web Hosting is replacing one of their firewalls with a FortiGate. It must be able to apply port forwarding to their back-end web servers while blocking virus uploads and TCP SYN floods from attackers. Which operation mode is the best choice for these requirements?A . NAT/route B. NAT mode...
How do you configure a FortiGate to apply traffic shaping to P2P traffic, such as BitTorrent?
How do you configure a FortiGate to apply traffic shaping to P2P traffic, such as BitTorrent?A . Apply a traffic shaper to a BitTorrent entry in an application control list, which is then applied to a firewall policy. B. Enable the shape option in a firewall policy with service set...
Which of the following conditions are required for this static default route to be displayed in the FortiGate unit's routing table?
A static route is configured for a FortiGate unit from the CLI using the following commands: config router static edit 1 set device “wan1” set distance 20 set gateway 192.168.100.1 next end Which of the following conditions are required for this static default route to be displayed in the FortiGate...
Which of the following statements are correct regarding FSSO in a Windows domain environment when DC-agent mode is used?
FSSO provides a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows active directory. Which of the following statements are correct regarding FSSO in a Windows domain environment when DC-agent mode is used? (Choose two.)A . An FSSO collector agent must be...
Which two statements are true regarding firewall policy disclaimers? (Choose two.)
Which two statements are true regarding firewall policy disclaimers? (Choose two.)A . They cannot be used in combination with user authentication. B. They can only be applied to wireless interfaces. C. Users must accept the disclaimer to continue. D. The disclaimer page is customizable.View AnswerAnswer: CD
Which statements are correct properties of a partial mesh VPN deployment. (Choose two.)
Which statements are correct properties of a partial mesh VPN deployment. (Choose two.)A . VPN tunnels interconnect between every single location. B. VPN tunnels are not configured between every single location. C. Some location may be reachable via a hub location. D. It cannot contain redundant VPN tunnels.View AnswerAnswer: BC
A new version of FortiOS firmware has just been released. When you upload new firmware, which is true?
A new version of FortiOS firmware has just been released. When you upload new firmware, which is true?A . If you upload the firmware image via the boot loader's menu from a TFTP server, it will not preserve the configuration. But if you upload new firmware via the GUI or...
Which static route is automatically added to the client's routing table when the tunnel mode is activatrd?
A user logs into a SSL VPN portal and activates the tunnel mode. The exhibit shows the firewall policy and the user's SSL VPN portal configuration: Which static route is automatically added to the client's routing table when the tunnel mode is activatrd?A . A route to a destination subnet...