- All Exams Instant Download
Based on this configuration, which statement is true?
View the exhibit. A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?A . Addicting.Games is allowed based on the Application Overrides configuration.B . Addicting.Games is blocked on the Filter Overrides configuration.C . Addicting.Games can be allowed only if...
Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)
Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)A . Shut down/reboot a downstream FortiGate device.B . Disable FortiAnalyzer logging for a downstream FortiGate device.C . Log in to a downstream FortiSwitch device.D . Ban or unban compromised hosts.View AnswerAnswer: A
Which of the following statements are true?
Examine this PAC file configuration. Which of the following statements are true? (Choose two.)A . Browsers can be configured to retrieve this PAC file from the FortiGate.B . Any web request to the 172.25.120.0/24 subnet is allowed to bypass the proxy.C . All requests not made to Fortinet.com or the...
Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?
Examine the network diagram shown in the exhibit, then answer the following question: Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?A . 172.16.0.0/16 [50/0] via 10.4.200.2, port2 [5/0]B . 0.0.0.0/0 [20/0] via 10.4.200.2, port2C ....
Which two statements ate true about the Security Fabric rating? (Choose two.)
Which two statements ate true about the Security Fabric rating? (Choose two.)A . It provides executive summaries of the four largest areas of security focus.B . Many of the security issues can befixed immediately by click ng Apply where available.C . The Security Fabric rating must be run on the...
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?A . remote user’s public IP addressB . The public IP address of the FortiGate device.C . The remote user’s virtual IP address.D . The internal...
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?
Refer to the exhibit. The exhibits show a network diagram and the explicit web proxy configuration. In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?A . ‘host 192.168.0.2 and port 8080’B . ‘host 10.0.0.50 and port...
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?A . get system statusB . get system performance statusC . diagnose sys topD . get system arpView AnswerAnswer: C
Which of the following statements about central NAT are true? (Choose two.)
Which of the following statements about central NAT are true? (Choose two.)A . IP tool references must be removed from existing firewall policies before enabling central NAC . Central NAT can be enabled or disabled from the CLI only.D . Source NAT, using central NAT, requires at least one central...
Which of the following are purposes of NAT traversal in IPsec? (Choose two.)
Which of the following are purposes of NAT traversal in IPsec? (Choose two.)A . To delete intermediary NAT devices in the tunnel path.B . To dynamically change phase 1 negotiation mode aggressive mode.C . To encapsulation ESP packets in UDP packets using port 4500.D . To force a new DH...
