- All Exams Instant Download
Which statement is correct based on this configuration?
An administrator has enabled the DHCP Server on the port1 interface and configured the following based on the exhibit. Which statement is correct based on this configuration? Response:A . The MAC address 00:0c:29:29:38:da belongs to the port1 interface.B . Access to the network is blocked for the devices with the...
Examine the following log message attributes and select two correct statements from the list below.
Examine the following log message attributes and select two correct statements from the list below. (Choose two.) Response:A . The category action was set to warning.B . The website was allowed on the first attempt.C . The user was prompted to decide whether to proceed or go back.D . The...
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?
Examine the exhibit, which contains a virtual IP and a firewall policy configuration. The WAN(port1) interface has the IP address 10.200.1.1/24. The LAN(port2) interface has the IP address 10.0.1.254/24. The top firewall policy has NAT enabled using outgoing interface address. The second firewall policy configured with a virtual IP (VIP)...
What is required in the FortiGate configuration to route traffic between both subnets through an inter-VDOM link?
Examine the exhibit, which shows a FortiGate device with two VDOMs: VDOM1 and VDOM2. Both VDOMs are operating in NAT/route mode. The subnet 10.0.1.0/24 is connected to VDOM1. The subnet 10.0.2.0/24 is connected to VDOM2. There is an inter-VDOM link between VDOM1 and VDOM2. What is required in the FortiGate...
Which statement best describes the role of a DC agent in an FSSO DC agent mode solution?
Which statement best describes the role of a DC agent in an FSSO DC agent mode solution? Response:A . Captures the logon events and forwards them to FortiGate.B . Captures the logon events and forwards them to the collector agent.C . Captures the logon and logoff events and forwards them...
Which of the following statements are true about route-based IPsec VPNs?
Which of the following statements are true about route-based IPsec VPNs? (Choose two.) Response:A . A virtual IPsec interface is automatically created after a phase 1 is added to the configurationB . They require firewall policies with the Action set to IPsecC . They support L2TP-over-IPsec tunnelsD . They can...
Which of the following protocols is used to encrypt the user data payload in an IPsec tunnel?
Which of the following protocols is used to encrypt the user data payload in an IPsec tunnel? Response:A . AHB . IKEC . ISAKMPD . ESPView AnswerAnswer: D
What step is required to configure an SSL VPN to access to an internal server using port forward mode?
What step is required to configure an SSL VPN to access to an internal server using port forward mode? Response:A . Configure the virtual IP addresses to be assigned to the SSL VPN users.B . Install FortiClient SSL VPN clientC . Create a SSL VPN realm reserved for clients using...
Which ways can FortiGate deliver one-time passwords (OTPs) to two-factor authentication users in your network?
Which ways can FortiGate deliver one-time passwords (OTPs) to two-factor authentication users in your network? (Choose three.) Response:A . Hardware FortiTokenB . Web portalC . SMSD . USB FortiTokenE . FortiToken MobileView AnswerAnswer: ACE
LDAP and RADIUS are both remote authentication servers that FortiGate can tie into for authentication. What is a key difference between these servers?
LDAP and RADIUS are both remote authentication servers that FortiGate can tie into for authentication. What is a key difference between these servers? Response:A . Only LDAP can have a secure connection with FortiGate using a server certificate.B . Only LDAP can be configured to authenticate groups as defined on...
