Which two statements are true when FortiGate is in transparent mode? (Choose two.)

Which two statements are true when FortiGate is in transparent mode? (Choose two.)A . By default, all interfaces are part of the same broadcast domain.B . The existing network IP schema must be changed when installing a transparent mode.C . Static routes are required to allow traffic to the next...

November 25, 2023 No Comments READ MORE +

How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?

Examine this FortiGate configuration: How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?A . It always authorizes the traffic without requiring authentication.B . It drops the traffic.C . It authenticates the traffic using the authentication scheme SCHEME2.D . It authenticates the traffic...

November 25, 2023 No Comments READ MORE +

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)A . Proxy-based inspectionB . Certificate inspectionC . Flow-based inspectionD . Full Content inspectionView AnswerAnswer: A,C

November 25, 2023 No Comments READ MORE +

Based on the raw log, which two statements are correct?

Refer to the exhibit. Based on the raw log, which two statements are correct? (Choose two.)A . Traffic is blocked because Action is set to DENY in the firewall policy.B . Traffic belongs to the root VDOM.C . This is a security log.D . Log severity is set to error...

November 24, 2023 No Comments READ MORE +

Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?A . To remove the NAT operation.B . To generate logsC . To finish any inspection operations.D . To allow for out-of-order packets that could arrive after...

November 24, 2023 No Comments READ MORE +

Which of the following statements are correct?

View the exhibit. Which of the following statements are correct? (Choose two.)A . This setup requires at least two firewall policies with the action set to IPsec.B . Dead peer detection must be disabled to support this type of IPsec setup.C . The TunnelB route is the primary route for...

November 24, 2023 No Comments READ MORE +

Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

Refer to the exhibit. Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?A . The signature setting uses a custom rating threshold.B . The signature setting includes a group of other signatures.C . Traffic matching the...

November 24, 2023 No Comments READ MORE +

Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

Which statements best describe auto discovery VPN (ADVPN). (Choose two.)A . It requires the use of dynamic routing protocols so that spokes can learn the routes to other spokes.B . ADVPN is only supported with IKEv2.C . Tunnels are negotiated dynamically between spokes.D . Every spoke requires a static tunnel...

November 23, 2023 No Comments READ MORE +

What is the reason for the failed virus detection by FortiGate?

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the...

November 23, 2023 No Comments READ MORE +

Which three statements are true regarding session-based authentication? (Choose three.)

Which three statements are true regarding session-based authentication? (Choose three.)A . HTTP sessions are treated as a single user.B . IP sessions from the same source IP address are treated as a single user.C . It can differentiate among multiple clients behind the same source IP address.D . It requires...

November 22, 2023 No Comments READ MORE +