An administrator has configured two FortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device. The administrator decides to enable the setting link-failed-signal to fix the problem.
Which statement about this setting is true?
Answer : D
Reference:
https://kb.fortinet.com/kb/viewContent.do?externalId=FD40860&sliceId=1
Refer to the exhibit, which shows the output of a diagnose command.
Answer : AD
Explanation:
15 minutes is the default probing time, where the F flag is for failed connection. Flag I represents the Initial request on 209.222.147.36.
Refer to the exhibit, which shows a session table entry.
Answer : B
Which two statements about bulk configuration changes made using FortiManager CLI scripts are correct? (Choose two.)
Answer : AB
Reference:
https://docs.fortinet.com/document/fortimanager/6.2.1/administration-guide/71780/cli-scripts
Refer to the exhibits, which show the configuration on FortiGate and partial session information.
Answer : A
Reference:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD40943
Refer to the exhibit, which shows the output of diagnose sys session list.
Answer : D
Refer to the exhibit, which shows the output of diagnose sys session stat.
Answer : BC
Refer to the exhibit, which shows a partial routing table.
Answer : BD
Explanation:
Only the source/destination pairs within the same VRF will be able to ping each other.
Refer to the exhibit, which contains partial output from an IKE real-time debug.
Answer : A
Explanation:
ISAKMP negotiation failed, which is a phase 1 function.
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
Answer : B
Reference:
https://docs.fortinet.com/document/fortimanager/6.0.6/cli-reference/330471/fds-setting#fds-setting
Refer to the exhibit, which shows the output of a web filtering diagnose command.
Answer : A
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/406127/filtering
What does the dirty flag mean in a FortiGate session?
Answer : A
Reference:
https://kb.fortinet.com/kb/viewContent.do?externalId=FD40119&sliceId=1
An administrator wants to capture ESP traffic between two Fortigate devices using the built-in sniffer.
If the administrator knows that there is no NAT device located between both FortiGate devices, which command should the administrator run?
Answer : A
Reference:
https://docs.fortinet.com/document/fortiadc/6.0.1/cli-reference/395933/diagnose-sniffer-packet
Which three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
Answer : BCD
Reference:
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-advanced-routing-54/Routing_OSPF/OSPF_Background_Concepts.htm#Adjacenc
Refer to the exhibit, which contains the output of a debug command.
Answer : A
Reference:
https://www.fortinetguru.com/2017/09/fortigate-conserve-mode-changes-242562-386503/
Have any questions or issues ? Please dont hesitate to contact us