Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

Refer to the exhibit. Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?A . The signature setting uses a custom rating threshold. B. The signature setting includes a group of other signatures. C. Traffic matching the...

February 2, 2023 No Comments READ MORE +

Which two statements are true?

Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset. B. FortiGate devices are not in sync because one device is down. C. FortiGate SN FGVM010000064692...

February 2, 2023 No Comments READ MORE +

Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Examine the exhibit, which contains a virtual IP and firewall policy configuration. The WAN (port1) interface has the IP address 10.200. 1. 1/24. The LAN (port2) interface has the IP address 10.0. 1.254/24. The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is...

February 1, 2023 No Comments READ MORE +

Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers?

Refer to the exhibit. An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)A . The Detection Mode setting is not set to Passive. B. Administrator didn't configure a gateway for the...

January 31, 2023 No Comments READ MORE +

What is the reason for the failed virus detection by FortiGate?

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the...

January 31, 2023 No Comments READ MORE +

What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?A . FortiGate automatically negotiates different local and remote addresses with the remote peer. B. FortiGate automatically negotiates a new security association after the existing security association expires. C. FortiGate automatically negotiates different encryption and...

January 30, 2023 No Comments READ MORE +

Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?

Refer to the exhibit. Examine the intrusion prevention system (IPS) diagnostic command. Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?A . The IPS engine was inspecting high volume of traffic. B. The IPS engine...

January 30, 2023 No Comments READ MORE +

Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)

Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.) A. The keyUsage extension must be set to keyCertSign. B. The common name on the subject field must use a wildcard name. C. The issuer must be a...

January 30, 2023 No Comments READ MORE +

Which feature in the Security Fabric takes one or more actions based on event triggers?

Which feature in the Security Fabric takes one or more actions based on event triggers?A . Fabric Connectors B. Automation Stitches C. Security Rating D. Logical TopologyView AnswerAnswer: B Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/286973/fortinet-security-fabric

January 30, 2023 No Comments READ MORE +

Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?A . By default, FortiGate uses WINS servers to resolve names. B. By default, the SSL VPN portal requires the installation of a client's certificate. C. By default, split tunneling is enabled. D. By default,...

January 30, 2023 No Comments READ MORE +