- All Exams Instant Download
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?A . It limits the scanning of application traffic to the DNS protocol only. B. It limits the scanning of application traffic to use parent signatures only. C. It limits...
Based on the information shown in the exhibit, what configuration change must the administrator make to fix the connectivity issue?
Refer to the exhibit. The exhibit shows a diagram of a FortiGate device connected to the network, the firewall policy and VIP configuration on the FortiGate device, and the routing table on the ISP router. When the administrator tries to access the web server public address (203.0.113.2) from the internet,...
Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?
Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?A . The public key of the web server certificate must be installed on the browser. B. The web-server certificate must be installed on the browser....
Which statement is correct regarding the inspection of some of the services available by web applications embedded in third-party websites?
Which statement is correct regarding the inspection of some of the services available by web applications embedded in third-party websites?A . The security actions applied on the web applications will also be explicitly applied on the third-party websites. B. The application signature database inspects traffic only from the original web...
What setting on the collector agent is required to achieve this?
An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?A . Add the support of NTLM authentication. B. Add user accounts to Active Directory (AD). C. Add user accounts to the FortiGate group fitter....
Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)
Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)A . FortiCache B. FortiSIEM C. FortiAnalyzer D. FortiSandbox E. FortiCloudView AnswerAnswer: B,C,E Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.0.0/handbook/265052/logging-and-reporting-overview
Which two key configuration changes are needed on FortiGate to meet the design requirements?
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. * All traffic must be routed through the primary tunnel when both tunnels are up * The secondary tunnel must be used only if the primary tunnel goes...
Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?
Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B). Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?A . The firewall policy performs the full content inspection...
Based on the raw log, which two statements are correct?
Refer to the exhibit. Based on the raw log, which two statements are correct? (Choose two.)A . Traffic is blocked because Action is set to DENY in the firewall policy. B. Traffic belongs to the root VDOM. C. This is a security log. D. Log severity is set to error...
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)A . DNS B. ping C. udp-echo D. TWAMPView AnswerAnswer: C,D
