- All Exams Instant Download
Which two statements are true?
Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset.B . FortiGate devices are not in sync because one device is down.C . FortiGate SN FGVM010000064692...
What setting on the collector agent is required to achieve this?
An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?A . Add the support of NTLM authentication.B . Add user accounts to Active Directory (AD).C . Add user accounts to the FortiGate group fitter.D...
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?A . It limits the scanning of application traffic to the DNS protocol only.B . It limits the scanning of application traffic to use parent signatures only.C . It limits...
Which two key configuration changes are needed on FortiGate to meet the design requirements?
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. * All traffic must be routed through the primary tunnel when both tunnels are up * The secondary tunnel must be used only if the primary tunnel goes...
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.) A. The keyUsage extension must be set to keyCertSign. B. The common name on the subject field must use a wildcard name. C. The issuer must be a...
Which contains a session list output. Based on the information shown in the exhibit, which statement is true?
Refer to the exhibit. Which contains a session list output. Based on the information shown in the exhibit, which statement is true?A . Destination NAT is disabled in the firewall policy.B . One-to-one NAT IP pool is used in the firewall policy.C . Overload NAT IP pool is used in...
Which statement is correct regarding the use of application control for inspecting web applications?
Which statement is correct regarding the use of application control for inspecting web applications?A . Application control can identity child and parent applications, and perform different actions on them.B . Application control signatures are organized in a nonhierarchical structure.C . Application control does not require SSL inspection to identity web...
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?A . get system statusB . get system performance statusC . diagnose sys topD . get system arpView AnswerAnswer: D Explanation: "If you suspect that there is an IP address conflict, or that an IP...
Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate?
CORRECT TEXT Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)A . Security policyB . SSL inspection and authentication policyView AnswerAnswer: AB
Which of statement is true about SSL VPN web mode?
Which of statement is true about SSL VPN web mode?A . The tunnel is up while the client is connected.B . It supports a limited number of protocols.C . The external network application sends data through the VPN.D . It assigns a virtual IP address to the client.View AnswerAnswer: B...
