Which of the following statements about application control profile mode are true?
(Choose two.)
Response:
A. It can be configured in either flow-based profile-based or proxy-based FortiOS inspection mode.
B. It cannot be used in conjunction with IPS scanning.
C. It uses flow-based scanning techniques, regardless of the inspection mode used.
D. It can scan only unsecure protocols.
What is Diffie Hellman? Response:
A. An algorithm and agreement method for two peers to independently calculate a common private key after sharing only their public keys
B. An algorithm for generating a public and private key
C. An agreement method for authenticating two peers using a pre-shared key
D. An agreement method for negotiating an IKE security association (SA)
Which statement about the HA override setting in FortiGate HA clusters is true? Response:
A. Configuring the HA override will reboot the FortiGate device.
B. It synchronizes device priority on all cluster members.
C. It is used to enable monitored ports.
D. You must configure override settings manually and separately for each cluster member.
An administrator needs to offload logging to FortiAnalyzer from a FortiGate with an internal hard drive.
Which statements are true?
(Choose two.)
Response:
A. Logs must be stored on FortiGate first, before transmitting to FortiAnalyzer
B. FortiGate uses port 8080 for log transmission
C. Log messages are transmitted as plain text in LZ4 compressed format (store-and-upload method).
D. FortiGate can encrypt communications using SSL encrypted OFTP traffic.
Under what circumstance would you enable LEARN as the Action on a firewall policy? Response:
A. You want FortiGate to compile security feature activity from various security-related logs, such as virus and attack logs.
B. You want FortiGate to monitor a specific security profile in a firewall policy, and provide recommendations for that profile.
C. You want to capture data across all traffic and security vectors, and receive learning logs and a report with recommendations.
D. You want FortiGate to automatically modify your firewall policies as it learns your networking behavior.
FortiGate scans packets for matches in a specific order for application control. Which option provides the correct sequence order?
Response:
A. Static domain overrides -> application overrides -> filter overrides
B. Categories -> application overrides -> filter overrides
C. Application overrides -> filter overrides -> categories
D. Rate based overrides -> filter overrides -> categories
Which of the following protocols is used to encrypt the user data payload in an IPsec tunnel? Response:
A. AH
B. IKE
C. ISAKMP
D. ESP
LDAP and RADIUS are both remote authentication servers that FortiGate can tie into for authentication. What is a key difference between these servers?
Response: A. Only LDAP can have a secure connection with FortiGate using a server certificate.
B. Only LDAP can be configured to authenticate groups as defined on the LDAP server.
C. Only LDAP provides authentication, authorization, and accounting (AAA) services.
D. Only RADIUS requires a distinguished name (i h.) to locate user records.
Which of the following statements about web caching are true?
(Choose two.)
Response:
A. Web caching slows down web browsing due to constant read-write cycles from FortiGate memory.
B. When a client makes a web request, the proxy checks if the requested URL is already in memory.
C. Only heavy content is cached, for example, videos, images, audio and so on.
D. Web caching is supported in both explicit and implicit proxy.
Examine the following log message attributes and select two correct statements from the list below.
(Choose two.)
Response:
A. The category action was set to warning.
B. The website was allowed on the first attempt.
C. The user was prompted to decide whether to proceed or go back.
D. The user failed authentication.