- All Exams Instant Download
Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers?
Refer to the exhibit. An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)A . The Detection Mode setting is not set to Passive. B. Administrator didn't configure a gateway for the...
What is the reason for the failed virus detection by FortiGate?
A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the...
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?A . FortiGate automatically negotiates different local and remote addresses with the remote peer. B. FortiGate automatically negotiates a new security association after the existing security association expires. C. FortiGate automatically negotiates different encryption and...
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?
Refer to the exhibit. Examine the intrusion prevention system (IPS) diagnostic command. Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?A . The IPS engine was inspecting high volume of traffic. B. The IPS engine...
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.) A. The keyUsage extension must be set to keyCertSign. B. The common name on the subject field must use a wildcard name. C. The issuer must be a...
Which feature in the Security Fabric takes one or more actions based on event triggers?
Which feature in the Security Fabric takes one or more actions based on event triggers?A . Fabric Connectors B. Automation Stitches C. Security Rating D. Logical TopologyView AnswerAnswer: B Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/286973/fortinet-security-fabric
Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?
Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?A . By default, FortiGate uses WINS servers to resolve names. B. By default, the SSL VPN portal requires the installation of a client's certificate. C. By default, split tunneling is enabled. D. By default,...
Given the interfaces shown in the exhibit. which two statements are true?
Refer to the exhibit. Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)A . Traffic between port2 and port2-vlan1 is allowed by default. B. port1-vlan10 and port2-vlan10 are part of the same broadcast domain. C. port1 is a native VLAN. D. port1-vlan and port2-vlan1 can...
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?A . It limits the scope of application control to the browser-based technology category only. B. It limits the scope of application control to scan application traffic based on application...
