- All Exams Instant Download
Which two statements are true?
Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset.B . FortiGate devices are not in sync because one device is down.C . FortiGate SN FGVM010000064692...
In this scenario, what are two requirements for the VLAN ID?
FortiGate is operating in NAT mode and is configured with two virtual LAN (VLAN) subinterfaces added to the same physical interface. In this scenario, what are two requirements for the VLAN ID? (Choose two.)A . The two VLAN subinterfaces can have the same VLAN ID, only if they have IP...
Which two security profiles are handled by the IPS engine?
Examine the exhibit, which shows a firewall policy configured with multiple security profiles. Which two security profiles are handled by the IPS engine? (Choose two.)A . Web FilterB . IPSC . AntiVirusD . Application ControlView AnswerAnswer: B,D Explanation: When the FortiGate is set for proxy inspection mode, the IPS engine...
Which two key configuration changes must the administrator make on FortiGate to meet the requirements?
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. All traffic must be routed through the primary tunnel when both tunnels are up. The secondary tunnel must be used only if the primary tunnel goes down. In...
What interface must be used as the source for the firewall policy that will allow this traffic?
An administrator needs to create a tunnel mode SSL-VPN to access an internal web server from the Internet. The web server is connected to port1. The Internet is connected to port2. Both interfaces belong to the VDOM named Corporation. What interface must be used as the source for the firewall...
Which statement about traffic flow in an active-active HA cluster is true?
Which statement about traffic flow in an active-active HA cluster is true? A. The SYN packet from the client always arrives at the primary device first. B. The secondary device responds to the primary device with a SYN/ACK, and then the primary device forwards the SYN/ACK to the client. C....
If the Services field is configured in a Virtual IP (VIP), which of the following statements is true when central NAT is used?
If the Services field is configured in a Virtual IP (VIP), which of the following statements is true when central NAT is used?A . The Services field removes the requirement of creating multiple VIPs for different services.B . The Services field is used when several VIPs need to be bundled...
Which two IP pool types are useful for carrier-grade NAT deployments? (Choose two.)
Which two IP pool types are useful for carrier-grade NAT deployments? (Choose two.) A. Port block allocation B. Fixed port range C. One-to-one D. OverloadView AnswerAnswer: A,B Explanation: The two IP pool types that are useful for carrier-grade NAT (CGNAT) deployments are: A. Port block allocation B. Fixed port range...
Based on the configuration, what will happen to Apple FaceTime?
Refer to the exhibit to view the application control profile. Based on the configuration, what will happen to Apple FaceTime?A . Apple FaceTime will be allowed, based on the Apple filter configuration.B . Apple FaceTime will be allowed, based on the Categories configuration.C . Apple FaceTime will be blocked, based...
Which two statements are true?
Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset.B . FortiGate devices are not in sync because one device is down.C . FortiGate SN FGVM010000064692...
