What inspections are executed by the IPS engine? (Choose three.)

What inspections are executed by the IPS engine? (Choose three.)A . Application controlB . Flow-based data leak preventionC . Proxy-based antispamD . Flow-based web filteringE . Proxy-based antivirusView AnswerAnswer: A,B,D

August 20, 2018 No Comments READ MORE +

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting.Games). Based on this configuration, which statement is true?

View the exhibit. A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting.Games). Based on this configuration, which statement is true?A . Addicting.Games is allowed based on the Application Overrides configuration.B . Addicting.Games is blocked based on the Filter Overrides configuration.C . Addicting.Games can be allowed only if...

August 18, 2018 No Comments READ MORE +

Which statements about IP-based explicit proxy authentication are true? (Choose two.)

Which statements about IP-based explicit proxy authentication are true? (Choose two.)A . IP-based authentication is best suited to authenticating users behind a NAT device.B . Sessions from the same source address are treated as a single user.C . IP-based authentication consumes less FortiGate’s memory than session-based authentication.D . FortiGate remembers...

August 11, 2018 No Comments READ MORE +

Which file names will match the *.tiff file name pattern configured in a data leak prevention filter? (Choose two.)

Which file names will match the *.tiff file name pattern configured in a data leak prevention filter? (Choose two.)A . tiff.tiffB . tiff.pngC . tiff.jpegD . gif.tiffView AnswerAnswer: A,D

August 11, 2018 No Comments READ MORE +

Which statements about the output are correct?

Which statements about the output are correct? (Choose two.)A . FortiGate received a TCP SYN/ACK packet.B . The source IP address of the packet was translated to 10.0.1.10.C . FortiGate routed the packet through port 3.D . The packet was allowed by the firewall policy with the ID 00007fc0.View AnswerAnswer:...

July 30, 2018 No Comments READ MORE +

Which statements about the output are true?

Examine this output from the diagnose sys top command: Which statements about the output are true? (Choose two.)A . sshd is the process consuming most memoryB . sshd is the process consuming most CPUC . All the processes listed are in sleeping stateD . The sshd process is using 123...

July 28, 2018 No Comments READ MORE +

What does the configuration do?

What does the configuration do? (Choose two.)A . Reduces the amount of logs generated by denied traffic.B . Enforces device detection on all interfaces for 30 minutes.C . Blocks denied users for 30 minutes.D . Creates a session for traffic being denied.View AnswerAnswer: A,D

July 24, 2018 No Comments READ MORE +

How does FortiGate select the central SNAT policy that is applied to a TCP session?

How does FortiGate select the central SNAT policy that is applied to a TCP session?A . It selects the SNAT policy specified in the configuration of the outgoing interface.B . It selects the first matching central-SNAT policy from top to bottom.C . It selects the central-SNAT policy with the lowest...

July 20, 2018 No Comments READ MORE +

How do you configure a FortiGate to do traffic shaping of P2P traffic, such as BitTorrent?

How do you configure a FortiGate to do traffic shaping of P2P traffic, such as BitTorrent?A . Apply an application control profile allowing BitTorrent to a firewall policy and configure a traffic shaping policy.B . Enable the shape option in a firewall policy with service set to BitTorrent.C . Apply...

July 8, 2018 No Comments READ MORE +

How does FortiGate look for a matching firewall policy to process traffic?

How does FortiGate look for a matching firewall policy to process traffic?A . From top to bottom, based on the sequence numbers.B . Based on best match.C . From top to bottom, based on the policy ID numbers.D . From lower to higher, based on the priority value.View AnswerAnswer: A

July 6, 2018 No Comments READ MORE +