In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?
An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug: diagnose debug application ike-1 diagnose debug enable In which order is each step and phase displayed in the debug output each...
Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route?
View the exhibit, which contains a partial routing table, and then answer the question below. Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)A . Source IP address 10.1.0.24, Destination IP address 10.72.3.20. B. Source IP address 10.72.3.27, Destination IP address...
Why the default route using port2 is not displayed in the output of the second command?
Examine the following partial outputs from two routing debug commands; then answer the question below: Why the default route using port2 is not displayed in the output of the second command?A . It has a lower priority than the default route using port1. B. It has a higher priority than...
Why didn’t the tunnel come up?
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. Why didn’t the tunnel come up?A . The pre-shared keys do not match. B. The remote gateway’s phase 2 configuration does not match the local gateway’s phase 2 configuration. C. The...
Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?
View these partial outputs from two routing debug commands: Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?A . Both port1 and port2 B. port3 C. port1 D. port2View AnswerAnswer: C
Which statement about NGFW policy-based application filtering is true?
Which statement about NGFW policy-based application filtering is true?A . After the application has been identified, the kernel uses only the Layer 4 header to match the traffic. B. The IPS security profile is the only security option you can apply to the security policy with the action set to...
What is the meaning of the packets dropped counter at the end of the sniffer?
Examine the following partial output from a sniffer command; then answer the question below. What is the meaning of the packets dropped counter at the end of the sniffer?A . Number of packets that didn’t match the sniffer filter. B. Number of total packets dropped by the FortiGate. C. Number...
Which two statements about the Security Fabric are true? (Choose two.)
Which two statements about the Security Fabric are true? (Choose two.)A . Only the root FortiGate collects network information and forwards it to FortiAnalyzer. B. FortiGate uses FortiTelemetry protocol to communicate with FortiAnalyzer. C. All FortiGate devices in the Security Fabric must have bidirectional FortiTelemetry connectivity. D. Branch FortiGate devices...
Why didn’t the script make any changes to the managed device?
An administrator has configured the following CLI script on FortiManager, which failed to apply any changes to the managed device after being executed. Why didn’t the script make any changes to the managed device?A . Commands that start with the # sign are not executed. B. CLI scripts will add...
What OSPF configuration settings must match in both VDOMs to have the OSPF adjacency successfully forming?
An administrator has configured a FortiGate device with two VDOMs: root and internal. The administrator has also created and inter-VDOM link that connects both VDOMs. The objective is to have each VDOM advertise some routes to the other VDOM via OSPF through the inter-VDOM link . What OSPF configuration settings...