- All Exams Instant Download
Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)
Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)A . WarningB . ExemptC . AllowD . LearnView AnswerAnswer: AC
How must the administrator configure the local quick mode selector for site B?
An administrator is configuring an IPsec between site A and site B. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator configure the...
Which statement regarding the firewall policy authentication timeout is true?
Which statement regarding the firewall policy authentication timeout is true?A . It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source IC . It is a hard timeout. The FortiGate removes the temporary policy for...
What FortiGate components are tested during the hardware test? (Choose three.)
What FortiGate components are tested during the hardware test? (Choose three.)A . Administrative accessB . HA heartbeatC . CPUD . Hard diskE . Network interfacesView AnswerAnswer: CDE
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)A . The firmware image must be manually uploaded to each FortiGate.B . Only secondary FortiGate devices are rebooted.C . Uninterruptable upgrade is enabled by default.D . Traffic load balancing is temporally disabled while upgrading...
Why is FortiGate not blocking the test file over FTP download?
Refer to the following exhibit. Why is FortiGate not blocking the test file over FTP download?A . Deep-inspection must be enabled for FortiGate to fully scan FTP traffic.B . FortiGate needs to be operating in flow-based inspection mode in order to scan FTP traffic.C . The FortiSandbox signature database is...
What FortiGate configuration is required to actively prompt users for credentials?
What FortiGate configuration is required to actively prompt users for credentials?A . You must enable one or more protocols that support active authentication on a firewall policyB . You must position the firewall policy for active authentication before a firewall policy foe passive authentication.C . You must assign users to...
Which is a requirement for creating an inter-VDOM link between two VDOMs?
Which is a requirement for creating an inter-VDOM link between two VDOMs?A . The inspection mode of at least one VDOM must be proxy-based.B . At least one of the VDOMs must operate in NAT mode.C . The inspection mode of both VDOMs must match.D . Both VDOMs must operate...
Which configuration option is the most effective option to support this request?
A team manager has decided that while some members of the team need access to particular website, the majority of the team does not. Which configuration option is the most effective option to support this request?A . Implement a web filter category override for the specified website.B . Implement web...
Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)
Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)A . This is known as many-to-one NAC . Source IP is translated to the outgoing interface IE . Connections are tracked using source port and source MAC address.F . Port...
