An administrator must disable RPF check to investigate an issue.
Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?
Answer : D
Reference:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD33955
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.
✑ All traffic must be routed through the primary tunnel when both tunnels are up.
✑ The secondary tunnel must be used only if the primary tunnel goes down.
✑ In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover.
Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose two.)
Answer : BC
Refer to the exhibit.
Answer : AD
Which two statements are correct about SLA targets? (Choose two.)
Answer : AC
Refer to the web filter raw logs.
Answer : B
Which two statements are true about collector agent standard access mode? (Choose two.)
Answer : AB
Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).
Exhibit A -
Answer : C
Refer to the exhibit.
Answer : BC
Which three methods are used by the collector agent for AD polling? (Choose three.)
Answer : BDE
Reference:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732
Refer to the exhibit.
Answer : A
Reference:
https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/168495
If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source field of a firewall policy?
Answer : C
Reference:
https://docs.fortinet.com/document/fortigate/6.2.5/cookbook/179236/using-internet-service-in-policy
Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)
Answer : BC
Which Security rating scorecard helps identify configuration weakness and best practice violations in your network?
Answer : C
Reference:
https://www.fortinet.com/content/dam/fortinet/assets/support/fortinet-recommended-security-best-practices.pdf
What is the primary FortiGate election process when the HA override setting is disabled?
Answer : B
Reference:
http://myitmicroblog.blogspot.com/2018/11/what-should-you-know-about-ha-override.html
Refer to the exhibit.
Exhibit A -
Answer : A
Reference:
https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/150494
Have any questions or issues ? Please dont hesitate to contact us