- All Exams Instant Download
Which two other security profiles can you apply to the security policy?
FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy. Which two other security profiles can you apply to the security policy? (Choose two.)A . Antivirus scanningB . File filterC . DNS filterD . Intrusion preventionView AnswerAnswer: A,C
Which security profile’s configuration does not change when you enable policy-based inspection?
NGFW mode allows policy-based configuration for most inspection rules. Which security profile’s configuration does not change when you enable policy-based inspection?A . Web filteringB . AntivirusC . Web proxyD . Application controlView AnswerAnswer: B
Why is FortiGate not generating any traffic for the performance SLA?
Refer to the exhibit. Which contains a Performance SLA configuration. An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?A . Participants configured are not SD-WAN members.B . There may not be a static...
Which statement is correct if well-known viruses are not being blocked?
Refer to the exhibit to view the firewall policy. Which statement is correct if well-known viruses are not being blocked?A . The firewall policy does not apply deep content inspection.B . The firewall policy must be configured in proxy-based inspection mode.C . The action on the firewall policy must be...
When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?
When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?A . Log IDB . Universally Unique IdentifierC . Policy IDD . Sequence IDView AnswerAnswer: B Explanation:...
What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)
What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)A . Traffic to botnetserversB . Traffic to inappropriate web sitesC . Server information disclosure attacksD . Credit card data leaksE . SQL injection attacksView AnswerAnswer: A,C,E
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)A . DNSB . pingC . udp-echoD . TWAMPView AnswerAnswer: A,C
Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?
Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?A . By default, FortiGate uses WINS servers to resolve names.B . By default, the SSL VPN portal requires the installation of a client’s certificate.C . By default, split tunneling is enabled.D . By default,...
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?
Refer to the exhibit. A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up. but phase 2 fails to come up. Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2...
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?
Refer to the exhibit. Examine the intrusion prevention system (IPS) diagnostic command. Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?A . The IPS engine was inspecting high volume of traffic.B . The IPS engine...
