- All Exams Instant Download
Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1 negotiation error?
View the exhibit, which contains the partial output of an IKE real time debug, and then answer the question below. The administrator does not have access to the remote gateway. Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase...
Which two statements about the output are true?
Refer to the exhibit, which contains the output of a diagnose command. Which two statements about the output are true? (Choose two.)A . This is an expected session created by a session helperB . This is an expected session created by an application control profile.C . Traffic in the original...
What should the administrator check?
A corporate network allows internet Access to FSSO users only. The FSSO user student does not have internet access after successfully logged into the Windows AD network. The output of the ‘diagnose debug authd fsso list’ command does not show student as an active FSSO user. Other FSSO users can...
Why is the default route that uses port2 not in the output of the second command?
Examine these partial outputs from two routing debug commands: # get router info routing-table database S 0.0.0.0/0 [20/0] via 100.64.2.254, port2, [10/0] S *> 0.0.0.0/0 [10/0] via 100.64.1.254, port1 # get router info routing-table all S* 0.0.0.0/0 [10/0] via 100.64.1.254, port1 Why is the default route that uses port2 not...
Which configuration change will make the local peer advertise this prefix?
Examine the following routing table and BGP configuration; then answer the question below. The BGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?A . Enable the redistribution of connected routers into BGP.B . Enable...
What does the log mean?
Examine the following traffic log; then answer the question below. date-20xx-02-01 time=19:52:01 devname=masterdevice_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri critical vd=root service=kemel status=failure msg="NAT port is exhausted." What does the log mean?A . There is not enough available memory in the system to create a new entry in the NAT port table.B...
Assuming all the appropriate firewall policies are configured, which two pings will FortiGate route?
Refer to the exhibit, which contains a partial routing table. Assuming all the appropriate firewall policies are configured, which two pings will FortiGate route? (Choose two.)A . Source IP address 10.1.0.24, Destination IP address 10.72.3.20.B . Source IP address 10.72.3.52, Destination IP address 10.1.0.254.C . Source IP address 10.72.3.27, Destination...
Based on the output, which of the following statements is correct?
View the exhibit, which contains the partial output of a diagnose command, and then answer the question below. Based on the output, which of the following statements is correct?A . Anti-replay is enabled.B . DPD is disabled.C . Quick mode selectors are disabled.D . Remote gateway IP is 10.200.5.1.View AnswerAnswer:...
Which command will capture ESP traffic for the VPN named DialUp_0?
Refer to the exhibit, which contains the output of the diagnose vpn tunnel list. Which command will capture ESP traffic for the VPN named DialUp_0?A . diagnose sniffer packet any 'port 4500'B . diagnose sniffer packet any 'esp and host 10.200.3.2'C . diagnose sniffer packet any 'host 10.0.10.10'D . diagnose...
Which of the following statements is true regarding this output?
View the exhibit, which contains the output of a real-time debug, and then answer the question below. Which of the following statements is true regarding this output? (Choose two.)A . This web request was inspected using the root web filter profile.B . FortiGate found the requested URL in its local...
