NEW QUESTION NO: 4
An administrator is using the FortiGate built-in sniffer to capture HTTP traffic between a client and a server, however, the sniffer output shows only the packets related with TCP session setups and disconnections. Why?
A. TCP traffic is being offloaded to an NP6.
B. The FortiGate is doing content inspection.
C. The filter used in the sniffer matches the traffic only in one direction.
D. The administrator is running the sniffer on the internal interface only.
Answer: A
NEW QUESTION NO: 5
Which traffic inspection features can be executed by a security processor (SP)? (Choose three.)
A. Flow-based web filtering
B. Attack signature matching
C. Proxy-based antivirus
D. SIP session helper
E. TCP SYN proxy
Answer: A,B,C
NEW QUESTION NO: 6
An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)
A. The interface has been configured for one-arm sniffer.
B. The interface is a member of a virtual wire pair.
C. Captive portal is enabled in the interface.
D. The interface is a member of a zone.
E. The operation mode is transparent.
Answer: B,D,E
NEW QUESTION NO: 7
View the exhibit.
Based on this output, which statements are correct? (Choose two.)
A. FortiGate has entered in to system conserve mode.
B. FortiGate generated an event log for system conserve mode.
C. By default, the FortiGate blocks new sessions.
D. FortiGate changed the global av-failopen settings to idledrop.
Answer: A,C
NEW QUESTION NO: 8
Which statement about data leak prevention (DLP) on a FortiGate is true?
A. Files can be sent to FortiSandbox for detecting DLP threats.
B. It can be applied to a firewall policy in a flow-based VDOM.
C. Traffic shaping can be applied to DLP sensors.
D. It can archive files and messages.
Answer: D
NEW QUESTION NO: 9
An administrator has created a custom IPS signature. Where does the custom IPS signature have to be applied?
A. In a DoS policy.
B. In an IPS sensor
C. In an interface.
D. In an application control profile.
Answer: B
NEW QUESTION NO: 10
Which of the following settings and protocols can be used to provide secure and restrictive administrative access to FortiGate? (Choose three.)
A. Trusted host
B. HTTPS
C. SSH
D. Trusted authentication
E. FortiTelemetry
Answer: A,B,C
NEW QUESTION NO: 11
How can a browser trust a web-server certificate signed by a third party CA?
A. The browser must have the web-server certificate installed.
B. The browser must have the public key of the web-server certificate installed.
C. The browser must have the private key of CA certificate that signed the web-browser certificate installed.
D. The browser must have the CA certificate that signed the web-server certificate installed.
Answer: D
NEW QUESTION NO: 12
Which of the following statements about NTLM authentication are correct? (Choose two.)
A. NTLM-enabled web browsers are required.
B. Multi-domain environments require DC agents on every domain controller.
C. It is useful when users log in to DCs that are not monitored by a collector agent.
D. It takes over as the primary authentication method when configured alongside FSSO.
Answer: B,C
NEW QUESTION NO: 13
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. The FortiGate unit's public IP address
B. The remote user's public IP address
C. The FortiGate unit's internal IP address
D. The remote user's virtual IP address
Answer: B
NEW QUESTION NO: 14
What step is required to configure an SSL VPN to access to an internal server using port forward mode?
A. Create a SSL VPN realm reserved for clients using port forward mode.
B. Configure the client application to forward IP traffic to a Java applet proxy.
C. Configure the virtual IP addresses to be assigned to the SSL VPN users.
D. Install FortiClient SSL VPN client
Answer: B