- All Exams Instant Download
Why is the port2 default route not in the second command's output?
Refer to the exhibit, which contains partial outputs from two routing debug commands. Why is the port2 default route not in the second command's output?A . It has a higher priority value than the default route using port1.B . It is disabled in the FortiGate configuration.C . It has a...
In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?
An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug: diagnose debug application ike-1 diagnose debug enable In which order is each step and phase displayed in the debug output each...
Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1 negotiation error?
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. The administrator does not have access to the remote gateway. Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1...
What is the diagnose test application ipsmenitor 5 command used for?
What is the diagnose test application ipsmenitor 5 command used for?A . To enable IPS bypass modeB . To disable the IPS engineC . To restart all IPS engines and monitorsD . To provide information regarding IPS sessionsView AnswerAnswer: A Explanation: # diagnose test application ipsmonitor 5: Toggle bypass status...
Which IP addresses are included in the output of this command?
Examine the output of the ‘diagnose ips anomaly list’ command shown in the exhibit; then answer the question below. Which IP addresses are included in the output of this command?A . Those whose traffic matches a DoS policy.B . Those whose traffic matches an IPS sensor.C . Those whose traffic...
What does the dirty flag mean in a FortiGate session configured for NGFW policy mode?
What does the dirty flag mean in a FortiGate session configured for NGFW policy mode?A . The existing session table entry has been updated with the app_id and the firewall policy table needs to be checked for a match.B . The application or URL category is unknown and needs to...
Which one of the following statements about this FortiGate is correct?
View the exhibit, which contains the output of a debug command, and then answer the question below. Which one of the following statements about this FortiGate is correct?A . It is currently in system conserve mode because of high CPU usage.B . It is currently in extreme conserve mode because...
What is causing the IPsec problem in the phase 1 ?
An administrator added the following Ipsec VPN to a FortiGate configuration: configvpn ipsec phasel -interface edit "RemoteSite" set type dynamic set interface "portl" set mode main set psksecret ENC LCVkCiK2E2PhVUzZe next end config vpn ipsec phase2-interface edit "RemoteSite" set phasel name "RemoteSite" set proposal 3des-sha256 next end However, the phase...
Which statements are correct regarding the output shown?
View the exhibit, which contains the output of diagnose sys session stat, and then answer the question below. Which statements are correct regarding the output shown? (Choose two.)A . There are 0 ephemeral sessions.B . All the sessions in the session table are TCP sessions.C . No sessions have been...
What must the administrator change to fix the issue?
Refer to the exhibit, which shows a FortiGate configuration. An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however, the web filter is not inspecting any traffic that is passing through the policy. What must...
