Which of the following statements describe WMI polling mode for FSSO collector agent? (Choose two.)

Which of the following statements describe WMI polling mode for FSSO collector agent? (Choose two.)A . The collector agent does not need to search any security event logs.B . WMI polling can increase bandwidth usage with large networks.C . The NetSessionEnum function is used to track user logoffs.D . The...

January 2, 2019 No Comments READ MORE +

Which of the following statements are correct?

View the exhibit. Which of the following statements are correct? (Choose two.)A . This is a redundant IPsec setup.B . The TunnelB route is the primary one for searching the remote site. The TunnelA route is used only if the TunnelB VPN is down.C . This setup requires at least...

January 1, 2019 No Comments READ MORE +

Which statement about the firewall policy authentication timeout is true?

Which statement about the firewall policy authentication timeout is true?A . It is a hard timeout. The FortiGate removes the temporary policy for a user’s source IP address after this times expires.B . It is a hard timeout. The FortiGate removes the temporary policy for a user’s source MAC address...

December 23, 2018 No Comments READ MORE +

In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?

In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?A . Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.B . Client > secondary FortiGate>...

December 22, 2018 No Comments READ MORE +

Which configuration steps must be performed on both units to support this scenario? (Choose three.)

Which configuration steps must be performed on both units to support this scenario? (Choose three.)A . Define the phase 2 parameters.B . Set the phase 2 encapsulation method to transport mode.C . Define at least one firewall policy, with the action set to IPsec.D . Define a route to the...

December 11, 2018 No Comments READ MORE +

Based on this output, which statements are correct?

View the exhibit. Based on this output, which statements are correct? (Choose two.)A . FortiGate generated an event log for system conserve mode.B . FortiGate has entered in to system conserve mode.C . By default, the FortiGate blocks new sessions.D . FortiGate changed the global av-failopen settings to idledrop.View AnswerAnswer:...

December 10, 2018 No Comments READ MORE +

What is required in the SSL VPN configuration to meet these requirements?

A company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups. What is required in the SSL VPN configuration to meet these requirements?A . Two separated SSL VPNs in different...

December 9, 2018 No Comments READ MORE +

How does FortiGate verify the login credentials of a remote LDAP user?

How does FortiGate verify the login credentials of a remote LDAP user?A . FortiGate sends the user entered credentials to the LDAP server for authentication.B . FortiGate re-generates the algorithm based on the login credentials and compares it against the algorithm stored on the LDAP server.C . FortiGate queries its...

December 9, 2018 2 Comments READ MORE +

Which of the following statements about central NAT are true? (Choose two.)

Which of the following statements about central NAT are true? (Choose two.)A . IP tool references must be removed from existing firewall policies before enabling central NAC . Central NAT can be enabled or disabled from the CLI only.D . Source NAT, using central NAT, requires at least one central...

December 9, 2018 No Comments READ MORE +

An administrator is using the FortiGate built-in sniffer to capture HTTP traffic between a client and a server, however, the sniffer output shows only the packets related with TCP session setups and disconnections. Why?

An administrator is using the FortiGate built-in sniffer to capture HTTP traffic between a client and a server, however, the sniffer output shows only the packets related with TCP session setups and disconnections. Why?A . The administrator is running the sniffer on the internal interface only.B . The filter used...

December 5, 2018 No Comments READ MORE +