- All Exams Instant Download
Which statement about the policy ID number of a firewall policy is true?
Which statement about the policy ID number of a firewall policy is true?A . It is required to modify a firewall policy using the CLC . It represents the number of objects used in the firewall policy.D . It changes when firewall policies are reordered.E . It defines the order...
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?A . get system statusB . get system performance statusC . diagnose sys topD . get system arpView AnswerAnswer: D
Which scanning technique on FortiGate can be enabled only on the CLI?
Which scanning technique on FortiGate can be enabled only on the CLI?A . Heuristics scanB . Trojan scanC . Antivirus scanD . Ransomware scanView AnswerAnswer: A Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.0.0/handbook/567568/enabling-scanning
Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?
Refer to the exhibit. Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?A . Custom permission for NetworkB . Read/Write permission for Log & ReportC . CLI diagnostics commands permissionD . Read/Write permission for FirewallView AnswerAnswer:...
How does FortiGate act when using SSL VPN in web mode?
How does FortiGate act when using SSL VPN in web mode?A . FortiGate acts as an FDS server.B . FortiGate acts as an HTTP reverse proxy.C . FortiGate acts as DNS server.D . FortiGate acts as router.View AnswerAnswer: B
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?
Examine the exhibit, which contains a virtual IP and firewall policy configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24. The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a...
Which two statements are true about the FGCP protocol? (Choose two.)
Which two statements are true about the FGCP protocol? (Choose two.)A . Not used when FortiGate is in Transparent modeB . Elects the primary FortiGate deviceC . Runs only over the heartbeat linksD . Is used to discover FortiGate devices in different HA groupsView AnswerAnswer: BC
How must the administrator configure the local quick mode selector for site B?
An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator configure the local...
Which statement is correct if well-known viruses are not being blocked?
Refer to the exhibit to view the firewall policy. Which statement is correct if well-known viruses are not being blocked?A . The firewall policy does not apply deep content inspection.B . The firewall policy must be configured in proxy-based inspection mode.C . The action on the firewall policy must be...
Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)
Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)A . SSHB . HTTPSC . FTMD . FortiTelemetryView AnswerAnswer: A,B Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/995103/buildingsecurity-into-fortios
