更多"[单选题]Refer to the exhibit to view t"的相关试题:
[单选题]
Refer to the exhibit to view the application control profile.
Users who use Apple FaceTime video conferences are unable to set up meetings.
In this scenario which statement is true?
A. Apple FaceTime belongs to the custom monitored filter.
B. The category of Apple FaceTime is being monitored.
C. Apple FaceTime belongs to the custom blocked filter.
D. The category of Apple FaceTime is being blocked.
[单选题]
Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).
Which statement is correct if a user is unable to receive a block replacement message when
Downloading an infected file for the first time?
A. The firewall policy performs the full content inspection on the file.
B. The flow-based inspection is used which resets the last packet to the user.
C. The volume of traffic being inspected is too high for this model of FortiGate.
D. The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.
[单选题]
Refer to the exhibit.
The exhibit contains the configuration for an SD-WAN Performance SLA as well as the output of
Diagnose sys virtual-wan-link health-check.
Which interface will be selected as an outgoing interface?
A. port2
B. port4
C. port3
D. port1
[多选题]
Refer to the exhibit.
The exhibit shows proxy policies and proxy addresses the authentication rule and authentication scheme users and firewall address.
An explicit web proxy is configured for subnet range 10.0.1.0/24 with three explicit web proxy policies.
The authentication rule is configured to authenticate HTTP requests for subnet range 10.0.1.0/24 with a form-based authentication scheme for the FortiGate local user database. Users will be prompted for authentication.
How will FortiGate process the traffic when the HTTP request comes from a machine with the source IP 10.0.1.10 to the destination http://www.fortinet.com? (Choose two.)
A. If a Mozilla Firefox browser is used with User-B credentials the HTTP request will be allowed.
B. If a Google Chrome browser is used with User-B credentials the HTTP request will be allowed.
C. If a Mozilla Firefox browser is used with User-A credentials the HTTP request will be allowed.
D. If a Microsoft Internet Explorer browser is used with User-B credentials the HTTP request will be allowed.
[单选题]
Refer to the exhibit.
The exhibit shows a CLI output of firewall policies proxy policies and proxy addresses. How does FortiGate process the traffic sent to http://www.fortinet.com?
A. Traffic will be redirected to the transparent proxy and it will be allowed by proxy policy ID 3.
B. Traffic will not be redirected to the transparent proxy and it will be allowed by firewall policy ID 1.
C. Traffic will be redirected to the transparent proxy and It will be allowed by proxy policy ID 1.
D. Traffic will be redirected to the transparent proxy and it will be denied by the proxy implicit deny policy.
[多选题]
Refer to the exhibit.
The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)
A. FortiGate SN FGVM010000065036 HA uptime has been reset.
B. FortiGate devices are not in sync because one device is down.
C. FortiGate SN FGVM010000064692 is the primary because of higher HA uptime.
D. FortiGate SN FGVM010000064692 has the higher HA priority.
[多选题]
Refer to the exhibit.
The exhibit contains a network diagram firewall policies and a firewall address object configuration. An administrator created a Deny policy with default settings to deny Webserver access for Remote- user2. Remote-user2 is still able to access Webserver.
Which two changes can the administrator make to deny Webserver access for Remote-User2?
(Choose two.)
A. Disable match-vip in the Deny policy.
B. Set the Destination address as Deny_IP in the Allow-access policy.
C. Enable match vip in the Deny policy.
D. Set the Destination address as Web_server in the Deny policy.
[单选题]
Refer to the exhibit which contains a static route configuration.
An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?
A. get router info routing-table all
B. get internet service route list
C. get router info routing-table database
D. diagnose firewall proute list
[单选题]
Refer to the exhibit which contains a session diagnostic output.
Which statement is true about the session diagnostic output?
A. The session is a UDP unidirectional state.
B. The session is in TCP ESTABLISHED state.
C. The session is a bidirectional UDP connection.
D. The session is a bidirectional TCP connection.
[单选题]
Refer to the exhibit.Which contains a session list output. Based on the information shown in the exhibit which statement is true?
A. Destination NAT is disabled in the firewall policy.
B. One-to-one NAT IP pool is used in the firewall policy.
C. Overload NAT IP pool is used in the firewall policy.
D. Port block allocation IP pool is used in the firewall policy.
[单选题]
Refer to the exhibit.
Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?
A. The first packet sent from Student failed the RPF check.
This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
B. The first reply packet for Student failed the RPF check.
This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
C. The first reply packet for Student failed the RPF check.
This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.
D. The first packet sent from Student failed the RPF check.
This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.
[单选题]
Refer to the exhibit.
Which contains a Performance SLA configuration.
An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?
A. Participants configured are not SD-WAN members.
B. There may not be a static route to route the performance SLA traffic.
C. The Ping protocol is not supported for the public servers that are configured.
D. You need to turn on the Enable probe packets switch.
[单选题]
Refer to the exhibit.
According to the certificate values shown in the exhibit which type of entity was the certificate issued to?
A. A user
B. A root CA
C. A bridge CA
D. A subordinate
[单选题]
Refer to the exhibit.
Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?
A. The signature setting uses a custom rating threshold.
B. The signature setting includes a group of other signatures.
C. Traffic matching the signature will be allowed and logged.
D. Traffic matching the signature will be silently dropped and logged.
[多选题]
Refer to the exhibit.
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The
Administrator has determined that phase 1 fails to come up. The administrator has also re-entered the pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit which two configuration changes will bring phase 1 up? (Choose two.)
A. On HQ-FortiGate set IKE mode to Main (ID protection).
B. On both FortiGate devices set Dead Peer Detection to On Demand.
C. On HQ-FortiGate disable Diffie-Helman group 2.
D. On Remote-FortiGate set port2 as Interface.