- All Exams Instant Download
Which IP addresses are included in the output of this command?
Examine the output of the ‘diagnose ips anomaly list’ command shown in the exhibit; then answer the question below. Which IP addresses are included in the output of this command?A . Those whose traffic matches a DoS policy. B. Those whose traffic matches an IPS sensor. C. Those whose traffic...
What is the meaning of the packets dropped counter at the end of the sniffer?
Examine the following partial output from a sniffer command; then answer the question below. What is the meaning of the packets dropped counter at the end of the sniffer?A . Number of packets that didn’t match the sniffer filter. B. Number of total packets dropped by the FortiGate. C. Number...
What does the log mean?
Examine the following traffic log; then answer the question below. date-20xx-02-01 time=19:52:01 devname=master device_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri critical vd=root service=kemel status=failure msg="NAT port is exhausted." What does the log mean?A . There is not enough available memory in the system to create a new entry in the NAT port...
Which of the following statements are correct regarding application layer test commands? (Choose two.)
Which of the following statements are correct regarding application layer test commands? (Choose two.)A . They are used to filter real-time debugs. B. They display real-time application debugs. C. Some of them display statistics and configuration information about a feature or process. D. Some of them can be used to...
In which two states is a given session categorized as ephemeral? (Choose two.)
In which two states is a given session categorized as ephemeral? (Choose two.)A . A TCP session waiting to complete the three-way handshake. B. A TCP session waiting for FIN ACK. C. A UDP session with packets sent and received. D. A UDP session with only one packet received.View AnswerAnswer:...
Which two statements about the Security Fabric are true? (Choose two.)
Which two statements about the Security Fabric are true? (Choose two.)A . Only the root FortiGate collects network information and forwards it to FortiAnalyzer. B. FortiGate uses FortiTelemetry protocol to communicate with FortiAnalyzer. C. All FortiGate devices in the Security Fabric must have bidirectional FortiTelemetry connectivity. D. Branch FortiGate devices...
If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?
An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?A . diagnose sniffer packet any ‘udp port 500’ B. diagnose sniffer packet any ‘udp port 4500’...
Which statements are correct regarding the output?
View the exhibit, which contains the output of get sys ha status, and then answer the question below. Which statements are correct regarding the output? (Choose two.)A . The slave configuration is not synchronized with the master. B. The HA management IP is 169.254.0.2. C. Master is selected because it...
Why isn’t there any output?
Examine the IPsec configuration shown in the exhibit; then answer the question below. An administrator wants to monitor the VPN by enabling the IKE real time debug using these commands: diagnose vpn ike log-filter src-addr4 10.0.10.1 diagnose debug application ike -1 diagnose debug enable The VPN is currently up, there...
Which statement about NGFW policy-based application filtering is true?
Which statement about NGFW policy-based application filtering is true?A . After the application has been identified, the kernel uses only the Layer 4 header to match the traffic. B. The IPS security profile is the only security option you can apply to the security policy with the action set to...
