- All Exams Instant Download
Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)
Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)A . FortiCache B. FortiSIEM C. FortiAnalyzer D. FortiSandbox E. FortiCloudView AnswerAnswer: B,C,E Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.0.0/handbook/265052/logging-and-reporting-overview
Which of the following statements are true?
Examine this PAC file configuration. Which of the following statements are true? (Choose two.)A . Browsers can be configured to retrieve this PAC file from the FortiGate. B. Any web request to the 172.25. 120.0/24 subnet is allowed to bypass the proxy. C. All requests not made to Fortinet.com or...
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?
Refer to the exhibit. Examine the intrusion prevention system (IPS) diagnostic command. Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?A . The IPS engine was inspecting high volume of traffic. B. The IPS engine...
Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers?
Refer to the exhibit. An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)A . The Detection Mode setting is not set to Passive. B. Administrator didn't configure a gateway for the...
Which two statements about the debug flow output are correct?
Refer to the exhibit showing a debug flow output. Which two statements about the debug flow output are correct? (Choose two.)A . The debug flow is of ICMP traffic. B. A firewall policy allowed the connection. C. A new traffic session is created. D. The default route is required to...
Which three pieces of information are included in the sniffer output?
Refer to the exhibit. An administrator is running a sniffer command as shown in the exhibit. Which three pieces of information are included in the sniffer output? (Choose three.)A . Interface name B. Ethernet header C. IP header D. Application header E. Packet payloadView AnswerAnswer: A,C,E Explanation: Reference: https://kb.fortinet.com/kb/documentLink .do?externalID=11186...
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.) A. The keyUsage extension must be set to keyCertSign. B. The common name on the subject field must use a wildcard name. C. The issuer must be a...
Which two statements are true?
Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset. B. FortiGate devices are not in sync because one device is down. C. FortiGate SN FGVM010000064692...
Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?
An administrator must disable RPF check to investigate an issue. Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?A . Enable asymmetric routing, so the RPF check will be bypassed. B. Disable the RPF check at the FortiGate interface level for the...
Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate?
CORRECT TEXT Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)A . Security policy B. SSL inspection and authentication policyView AnswerAnswer: AB
