Which SYN flood mitigation mode must the customer use?
A customer wants to enable SYN flood mitigation in a FortiDDoS device. The FortiDDoS must reply with one SYN/ACK packet per SYN packet from a new source IP address. Which SYN flood mitigation mode must the customer use?A . SYN retransmission B. SYN/ACK cookie C. SYN cookie D. ACK cookieView...
In this scenario, which application delivery control is configured in the FortiADC?
Refer to the exhibit. As shown in the exhibit, a FortiADC is load-balancing IPv4 traffic between two next-hop routers. The FortiADC does not know the IP addresses of the servers. Also, the FortiADC is doing Layer 7 content inspection and modification. In this scenario, which application delivery control is configured...
In this scenario, which two methods will satisfy the requirement?
You want to access the JSON API on FortiManager to retrieve information on an object. In this scenario, which two methods will satisfy the requirement? (Choose two.)A . Download the WSDL file from FortiManager administration GUI. B. Make a call with the curl utility on your workstation. C. Make a...
What should you do to solve this problem?
You are building a FortiGate cluster which is stretched over two locations. The HA connections for the cluster are terminated on the local switches in the data centers. Once the FortiGate devices have booted, they do not form a cluster. The network operators inform you that CRC errors are present...
Which statement represents the purpose of this policy?
Refer to the exhibit. The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb. Which statement represents the purpose of this policy?A . The policy redirects all HTTPS URLs to HTTP. B. The policy redirects all HTTP URLs to HTTPS. C. The policy redirects only HTTP...
Which two considerations are valid to implement CDR in this scenario?
A customer is looking for a way to remove javascripts, macros and hyperlinks from documents traversing the network without affecting the integrity of the content. You propose to use the Content disarm and reconstruction (CDR) feature of the FortiGate. Which two considerations are valid to implement CDR in this scenario?...
Referring to the exhibit, what can be causing this problem?
Refer to the exhibit. You configured AV and Web filtering for your outgoing Internet connections. You later notice that not all Web sessions are being inspected and you start troubleshooting the problem. Referring to the exhibit, what can be causing this problem?A . The Web session is using QUIC which...
Which URL will accomplish this task?
You are administering the FortiGate 5000 and FortiGate 7000 series products. You want to access the HTTPS GUI of the blade located in logical slot 3 of the secondary chassis in a high-availability cluster. Which URL will accomplish this task?A . https://192.168.1.99:44322 B. https://192.168.1.99:44323 C. https://192.168.1.99:44313 D. https://192.168.1.99:44302View AnswerAnswer: B
Which two CLI commands will help you to troubleshoot this problem?
You cannot ping the FortiGate default gateway 10.10.10.1 from the FortiGate CLI. The FortiGate interface facing the default gateway is wan1 and its IP address is 10.10.10.254/24. During the initial troubleshooting tests, you confirm that you can ping other IP addresses in the 10.10.10.0/24 subnet from the FortiGate CLI without...
Which prevention mode on FortiDDoS will protect you against this specific type of attack?
You are asked to add a FortiDDoS to the network to combat detected slow connection attacks such as Slowloris. Which prevention mode on FortiDDoS will protect you against this specific type of attack?A . asymmetric mode B. aggressive aging mode C. rate limiting mode D. blocking modeView AnswerAnswer: B