- All Exams Instant Download
An administrator needs to be able to view logs for application usage on your network. What configurations are required to ensure that FortiGate generates logs for application usage activity? (Choose two.)
An administrator needs to be able to view logs for application usage on your network. What configurations are required to ensure that FortiGate generates logs for application usage activity? (Choose two.)A . Enable a web filtering profile on the firewall policy.B . Create an application control policy.C . Enable logging...
Which traffic inspection features can be executed by a security processor (SP)? (Choose three.)
Which traffic inspection features can be executed by a security processor (SP)? (Choose three.)A . TCP SYN proxyB . SIP session helperC . Proxy-based antivirusD . Attack signature matchingE . Flow-based web filteringView AnswerAnswer: C,D,E
Which statement is correct based on this configuration?
Which statement is correct based on this configuration?A . The MAC address 00:0c:29:29:38:da belongs to the port1 interface.B . Access to the network is blocked for the devices with the MAC address 00:0c:29:29:38:da and the IP address 10.0.1.254.C . 00:0c:29:29:38:da is the virtual MAC address assigned to the secondary IP...
When using WPAD DNS method, what is the FQDN format that browsers use to query the DNS server?
When using WPAD DNS method, what is the FQDN format that browsers use to query the DNS server?A . wpad.<local-domain>B . srv_tcp.wpad.<local-domain>C . srv_proxy.<local-domain>/wpad.datD . proxy.<local-domain>.wpadView AnswerAnswer: A
Which configuration objects can be selected for the Source filed of a firewall policy? (Choose two.)
Which configuration objects can be selected for the Source filed of a firewall policy? (Choose two.)A . FQDN addressB . IP poolC . User or user groupD . Firewall serviceView AnswerAnswer: B,C
Which route will be selected when trying to reach 10.20.30.254?
View the example routing table. Which route will be selected when trying to reach 10.20.30.254?A . 10.20.30.0/26 [10/0] via 172.20.168.254, port2B . The traffic will be dropped because it cannot be routed.C . 10.20.30.0/24 [10/0] via 172.20.167.254, port3D . 0.0.0.0/0 [10/0] via 172.20.121.2, port1View AnswerAnswer: C
Which statements about antivirus scanning using flow-based full scan are true? (Choose two.)
Which statements about antivirus scanning using flow-based full scan are true? (Choose two.)A . The antivirus engine starts scanning a file after the last packet arrives.B . It does not support FortiSandbox inspection.C . FortiGate can insert the block replacement page during the first connection attempt only if a virus...
Which statement about this configuration is correct?
Which statement about this configuration is correct?A . The FortiGate generates spanning tree BPDU frames.B . The FortiGate device forwards received spanning tree BPDU frames.C . The FortiGate can block an interface if a layer-2 loop is detected.D . Ethernet layer-2 loops are likely to occur.View AnswerAnswer: B
Which statements about DNS filter profiles are true? (Choose two.)
Which statements about DNS filter profiles are true? (Choose two.)A . They can inspect HTTP traffic.B . They must be applied in firewall policies with SSL inspection enabled.C . They can block DNS request to known botnet command and control servers.D . They can redirect blocked requests to a specific...
Which component of FortiOS performs application control inspection?
Which component of FortiOS performs application control inspection?A . KernelB . Antivirus engineC . IPS engineD . Application control engineView AnswerAnswer: D
