- All Exams Instant Download
Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)
Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)A . Shut down/reboot a downstream FortiGate device.B . Disable FortiAnalyzer logging for a downstream FortiGate device.C . Log in to a downstream FortiSwitch device.D . Ban or unban compromised hosts.View AnswerAnswer: BC
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?A . get system statusB . get system performance statusC . diagnose sys topD . get system arpView AnswerAnswer: D
What are the two results of this configuration?
An administrator has configured the following settings: What are the two results of this configuration? (Choose two.)A . Device detection on all interfaces is enforced for 30 minutes.B . Denied users are blocked for 30 minutes.C . A session for denied traffic is created.D . The number of logs generated...
Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)
Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)A . FortiGate points the collector agent to use a remote LDAP server.B . FortiGate uses the AD server as the collector agent.C . FortiGate uses the SMB protocol to read the event viewer logs from the DCs.D...
Given the security fabric topology shown in the exhibit, which two statements are true?
Refer to the exhibit. Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)A . This security fabric topology is a logical topology view.B . There are 19 security recommendations for the security fabric.C . There are five devices that are part of the...
Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)
Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)A . FortiCacheB . FortiSIEMC . FortiAnalyzerD . FortiSandboxE . FortiCloudView AnswerAnswer: B,C,D
Based on this configuration, which statement is true?
View the exhibit. A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?A . Addicting.Games is allowed based on the Application Overrides configuration.B . Addicting.Games is blocked on the Filter Overrides configuration.C . Addicting.Games can be allowed only if...
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?A . remote user’s public IP addressB . The public IP address of the FortiGate device.C . The remote user’s virtual IP address.D . The internal...
Which statements best describe auto discovery VPN (ADVPN). (Choose two.)
Which statements best describe auto discovery VPN (ADVPN). (Choose two.)A . It requires the use of dynamic routing protocols so that spokes can learn the routes to other spokes.B . ADVPN is only supported with IKEv2.C . Tunnels are negotiated dynamically between spokes.D . Every spoke requires a static tunnel...
Which of the following are purposes of NAT traversal in IPsec? (Choose two.)
Which of the following are purposes of NAT traversal in IPsec? (Choose two.)A . To delete intermediary NAT devices in the tunnel path.B . To dynamically change phase 1 negotiation mode aggressive mode.C . To encapsulation ESP packets in UDP packets using port 4500.D . To force a new DH...
