- All Exams Instant Download
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?A . get system statusB . get system performance statusC . diagnose sys topD . get system arpView AnswerAnswer: C
What two changes can the administrator make to resolve the issue without affecting services running through FortiGate?
Consider the topology: Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server. An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator...
When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?
When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?A . Log IDB . Universally Unique IdentifierC . Policy IDD . Sequence IDView AnswerAnswer: B Explanation:...
Which additional best practice can an administrator implement?
An administrator has configured two-factor authentication to strengthen SSL VPN access. Which additional best practice can an administrator implement?A . Configure Source IP Pools.B . Configure split tunneling in tunnel mode.C . Configure different SSL VPN realms.D . Configure host check.View AnswerAnswer: D
Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)
Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)A . For a stronger authentication, you can also enable extended authentication (XAuth) to request the remote peer to provide a username and passwordB . FortiGate supports pre-shared key and signature as authentication methods.C . Enabling XAuth results in...
Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)
Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)A . diagnose sys topB . execute pingC . execute tracerouteD . diagnose sniffer packet anyE . get system arpView AnswerAnswer: A,B,D
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)A . DNSB . pingC . udp-echoD . TWAMPView AnswerAnswer: A,C
Which three statements about a flow-based antivirus profile are correct? (Choose three.)
Which three statements about a flow-based antivirus profile are correct? (Choose three.)A . IPS engine handles the process as a standalone.B . FortiGate buffers the whole file but transmits to the client simultaneously.C . If the virus is detected, the last packet is delivered to the client.D . Optimized performance...
Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?
Refer to the exhibit. The exhibit contains a network diagram, central SNAT policy, and IP pool configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port3) interface has the IP address 10.0.1.254/24. A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1)....
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?
Refer to the exhibit. Examine the intrusion prevention system (IPS) diagnostic command. Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?A . The IPS engine was inspecting high volume of traffic.B . The IPS engine...
