Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?
Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?A . Diagnose debug application radius -1.B . Diagnose debug application fnbamd -1.C . Diagnose authd console Clog enable.D . Diagnose radius console Clog enable.View AnswerAnswer: B Explanation: https://kb.fortinet.com/kb/documentLink.do?externalID=FD32838
Which of the following statements is true regarding this configuration?
View the global IPS configuration, and then answer the question below. Which of the following statements is true regarding this configuration?A . IPS will scan every byte in every session.B . FortiGate will spawn IPS engine instances based on the system load.C . New packets will be passed through without...
What does the dirty flag mean in a FortiGate session configured for NGFW policy mode?
What does the dirty flag mean in a FortiGate session configured for NGFW policy mode?A . The existing session table entry has been updated with the app_id and the firewall policy table needs to be checked for a match.B . The application or URL category is unknown and needs to...
Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)
Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)A . Installing configuration changes to managed devicesB . Importing interface mappings from managed devicesC . Adding devices to FortiManagerD . Previewing pending configuration changes for managed devicesView AnswerAnswer: A,D Explanation: Reference: https://docs.fortinet.com/document/fortimanager/6.2.0/administration-guide/668612/using-the-install-wizard-to-install-device-settings-only
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?A . FortiManager can download and maintain local copies of FortiGuard databases.B . FortiManager supports only FortiGuard push to managed devices.C . FortiManager will respond to update requests only if they originate from a...
What step must the administrator take to resolve this issue?
An administrator has created a VPN community within VPN Manager on FortiManager. They also added gateways to the VPN community and are now trying to create firewall policies to permit traffic over the tunnel; however, the VPN interfaces are not listed as available options. What step must the administrator take...
Which statement about IKE and IKE NAT-T is true?
Which statement about IKE and IKE NAT-T is true?A . IKE is used to encapsulate ESP traffic in some situations, and IKE NAT-T is used only when the local FortiGate is using NAT on the IPsec interface.B . IKE is the standard implementation for IKEv1 and IKE NAT-T is an...
If the HA ID for the primary unit is zero (0), which statement about the output is true?
Refer to the exhibit, which contains the output of diagnose sys session list. If the HA ID for the primary unit is zero (0), which statement about the output is true?A . This session cannot be synced with the slave unit.B . The inspection of this session has been offloaded...
What must the administrator change to fix the issue?
Refer to the exhibit, which shows a FortiGate configuration. An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however, the web filter is not inspecting any traffic that is passing through the policy. What must...
Which one of the following statements about this FortiGate is correct?
View the exhibit, which contains the output of a debug command, and then answer the question below. Which one of the following statements about this FortiGate is correct?A . It is currently in system conserve mode because of high CPU usage.B . It is currently in extreme conserve mode because...