- All Exams Instant Download
Based on the output shown in the exhibit, which two statements are correct?
Refer to the FortiGuard connection debug output. Based on the output shown in the exhibit, which two statements are correct? (Choose two.)A . A local FortiManager is one of the servers FortiGate communicates with.B . One server was contacted to retrieve the contract information.C . There is at least one...
How does FortiGate act when using SSL VPN in web mode?
How does FortiGate act when using SSL VPN in web mode?A . FortiGate acts as an FDS server.B . FortiGate acts as an HTTP reverse proxy.C . FortiGate acts as DNS server.D . FortiGate acts as router.View AnswerAnswer: C Explanation: Reference: https://pub.kb.fortinet.com/ksmcontent/Fortinet-Public/current/Fortigate_v4.0MR3/fortigate-sslvpn-40-mr3.pdf
Which statement about the policy ID number of a firewall policy is true?
Which statement about the policy ID number of a firewall policy is true?A . It is required to modify a firewall policy using the CLC . It represents the number of objects used in the firewall policy.D . It changes when firewall policies are reordered.E . It defines the order...
Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?
Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?A . By default, FortiGate uses WINS servers to resolve names.B . By default, the SSL VPN portal requires the installation of a client’s certificate.C . By default, split tunneling is enabled.D . By default,...
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)A . The firmware image must be manually uploaded to each FortiGate.B . Only secondary FortiGate devices are rebooted.C . Uninterruptable upgrade is enabled by default.D . Traffic load balancing is temporally disabled while upgrading...
What should the administrator do next to troubleshoot the problem?
Refer to the exhibit. In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit. What should the administrator do next to troubleshoot the problem?A . Run a...
Which interface will be selected as an outgoing interface?
Refer to the exhibit. The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of diagnose sys virtual-wan-link health-check. Which interface will be selected as an outgoing interface?A . port2B . port4C . port3D . port1View AnswerAnswer: D
Why did the FortiGate drop the packet?
Examine this output from a debug flow: Why did the FortiGate drop the packet?A . The next-hop IP address is unreachable.B . It failed the RPF check.C . It matched an explicitly configured firewall policy with the action DENE . It matched the default implicit firewall policy.View AnswerAnswer: D Explanation:...
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?
Refer to the exhibit. A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up. but phase 2 fails to come up. Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2...
Which two other security profiles can you apply to the security policy?
FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy. Which two other security profiles can you apply to the security policy? (Choose two.)A . Antivirus scanningB . File filterC . DNS filterD . Intrusion preventionView AnswerAnswer: A,C
