- All Exams Instant Download
Which two statements about the use of digital certificates are true?
Which two statements about the use of digital certificates are true?A . An intermediate CA can sign server certificatesB . An intermediate CA can sign another intermediate CA certificateC . The end entity's certificate can only be created by an intermediate CD . An intermediate CA can validate the end...
Which layer of the FortiOS architecture does an application process or daemon run on?
Which layer of the FortiOS architecture does an application process or daemon run on?A . User spaceB . Configuration layerC . KernelD . HardwareView AnswerAnswer: A
What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?
What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?A . av-failopenB . mem-failopenC . utm-failopenD . ips-failopenView AnswerAnswer: A
What action does FortiSwitch take when it receives a loop guard data packet (LGDP) that was sent by itself?
What action does FortiSwitch take when it receives a loop guard data packet (LGDP) that was sent by itself?A . The receiving port is shut downB . The sending port is shut downC . The receiving port is moved to the STP blocking stateD . The sending port is moved...
Which of the following statements about this debug output are true?
View the exhibit, which of the contains the partial output of an IKE real-time debug, then answer the question below. Which of the following statements about this debug output are true? (Choose two.)A . The name of the tunnel being negotiated is VPN.B . Both phases 1 and 2 are...
Which statements are correct regarding the output?
View the exhibit, which contains the output of get sys ha status, and then answer the question below. Which statements are correct regarding the output? (Choose two.)A . The slave configuration is not synchronized with the master.B . The HA management IP is 169.254.0.2.C . Master is selected because it...
What are two impacts on applications if adjusting the TCP Maximum Segment Size (MSS) on FortiGate? (Choose two.)
What are two impacts on applications if adjusting the TCP Maximum Segment Size (MSS) on FortiGate? (Choose two.)A . The MSS configuration is prone to errors since it requires a thorough understanding of the network path.B . The packet count increases adding unnecessary TCP headers when the MSS value is...
Which statements are true regarding the above output?
Examine the output of the ‘get router info ospf interface’ command shown in the exhibit; then answer the question below. Which statements are true regarding the above output? (Choose two.)A . The port4 interface is connected to the OSPF backbone area.B . The local FortiGate has been elected as the...
Which two statements about an auxiliary session are true? (Choose two.)
Which two statements about an auxiliary session are true? (Choose two.)A . With the auxiliary session setting enabled, ECMP traffic is accelerated to the NP6 processor.B . With the auxiliary session setting disabled, for each traffic path, FortiGate will use the same auxiliary session.C . With the auxiliary session disabled,...
Which option and value pair will allow more specific detection?
View the following exhibit, which contains the sniffer output for a passive mode FTP request. An administrator has created the following custom IPS signature to block all FTP requests for passive mode: F-SBID (--attack_id 1002; --name "Block.FTP "; --protocol tcp; --flow from_client; --pattern "PASV"; --no_case;) Soon after the signature is...
