Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?
Examine the exhibit, which contains a virtual IP and firewall policy configuration. The WAN (port1) interface has the IP address 10.200. 1. 1/24. The LAN (port2) interface has the IP address 10.0. 1.254/24. The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is...
Based on the exhibit, which configuration change can the administrator make to allow Twitter while blocking all other social networking sites?
Refer to exhibit. An administrator configured the web filtering profile shown in the exhibit to block access to all social networking sites except Twitter. However, when users try to access twitter.com, they are redirected to a FortiGuard web filtering block page. Based on the exhibit, which configuration change can the...
Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?
Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?A . diagnose wad session listB . diagnose wad session list | grep hook-pre&&hook-outC . diagnose wad session list | grep hook=pre&&hook=outD . diagnose wad session list | grep "hook=pre"&"hook=out"View AnswerAnswer: A
Based on the information shown in the exhibit, what configuration change must the administrator make to fix the connectivity issue?
Refer to the exhibit. The exhibit shows a diagram of a FortiGate device connected to the network, the firewall policy and VIP configuration on the FortiGate device, and the routing table on the ISP router. When the administrator tries to access the web server public address (203.0.113.2) from the internet,...
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?
An organization's employee needs to connect to the office through a high-latency internet connection. Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?A . Change the session-ttl.B . Change the login timeout.C . Change the idle-timeout.D . Change the udp idle timer.View AnswerAnswer: B
Which three pieces of information are included in the sniffer output?
Refer to the exhibit. An administrator is running a sniffer command as shown in the exhibit. Which three pieces of information are included in the sniffer output? (Choose three.)A . Interface nameB . Ethernet headerC . IP headerD . Application headerE . Packet payloadView AnswerAnswer: A,C,E Explanation: Reference: https://kb.fortinet.com/kb/documentLink .do?externalID=11186...
Which policy will be highlighted, based on the input criteria?
Refer to the exhibits. The exhibits show the firewall policies and the objects used in the firewall policies. The administrator is using the Policy Lookup feature and has entered the search criteria shown in the exhibit. Which policy will be highlighted, based on the input criteria?A . Policy with ID...
Which statement correctly describes the use of reliable logging on FortiGate?
Which statement correctly describes the use of reliable logging on FortiGate?A . Reliable logging is enabled by default in all configuration scenarios.B . Reliable logging is required to encrypt the transmission of logs.C . Reliable logging can be configured only using the CLI.D . Reliable logging prevents the loss of...
Which statement about video filtering on FortiGate is true?
Which statement about video filtering on FortiGate is true?A . Full SSL Inspection is not required.B . It is available only on a proxy-based firewall policy.C . It inspects video files hosted on file sharing services.D . Video filtering FortiGuard categories are based on web filter FortiGuard categories.View AnswerAnswer: B...
What setting on the collector agent is required to achieve this?
An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?A . Add the support of NTLM authentication. B. Add user accounts to Active Directory (AD). C. Add user accounts to the FortiGate group fitter....