QUESTION NO: 1
Examine the network diagram shown in the exhibit, then answer the following question:
Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?
Examine the network diagram shown in the exhibit, then answer the following question:
Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?
Correct Answer: C
Vote an answer
QUESTION NO: 2
Refer to the exhibit.
The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).
Central NAT is enabled, so NAT settings from matching Central SNAT policies will be applied.
Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?
Refer to the exhibit.
The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).
Central NAT is enabled, so NAT settings from matching Central SNAT policies will be applied.
Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?
Correct Answer: D
Vote an answer
QUESTION NO: 3
Which two statements about antivirus scanning mode are true? (Choose two.)
Which two statements about antivirus scanning mode are true? (Choose two.)
Correct Answer: B,D
Vote an answer
QUESTION NO: 4
Examine the following web filtering log.
Which statement about the log message is true?
Examine the following web filtering log.
Which statement about the log message is true?
Correct Answer: D
Vote an answer
QUESTION NO: 5
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)
Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)
Correct Answer: C,D
Vote an answer
QUESTION NO: 6
Which three statements about a flow-based antivirus profile are correct? (Choose three.)
Which three statements about a flow-based antivirus profile are correct? (Choose three.)
Correct Answer: A,C,D
Vote an answer
QUESTION NO: 7
Which scanning technique on FortiGate can be enabled only on the CLI?
Which scanning technique on FortiGate can be enabled only on the CLI?
Correct Answer: B
Vote an answer
QUESTION NO: 8
Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)
Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)
Correct Answer: B,D
Vote an answer
QUESTION NO: 9
Which two statements are correct about SLA targets? (Choose two.)
Which two statements are correct about SLA targets? (Choose two.)
Correct Answer: A,D
Vote an answer
QUESTION NO: 10
Refer to the exhibit.
The exhibits show a network diagram and the explicit web proxy configuration.
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?
Refer to the exhibit.
The exhibits show a network diagram and the explicit web proxy configuration.
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?
Correct Answer: D
Vote an answer