Refer to the exhibit, which contains the output of a debug command.
If the default settings are in place, what can you conclude about the conserve mode shown in the exhibit?
AFortiGate is currently blocking new sessions that require flow-based or proxy-based content inspection.
BFortiGate is currently blocking all new sessions regardless of the content inspection requirements or configuration settings because of high memory use.
CFortiGate is currently allowing new sessions that require flow-based or proxy-based content inspection but is not performing inspection on those sessions.
DFortiGate is currently allowing new sessions that require flow-based content inspection and blocking sessions that require proxy-based content inspection.
Refer to the exhibit, which shows the omitted output of a real-time OSPF debug.
Which statement is false?
AA password has been configured on the local OSPF router but is not shown in the output.
BThe Hello packet is being sent from an OSPF router with ID 0.0.0.112.
CThe two FortiGate devices attempting adjacency are in area 0.0.0.0.
DOne FortiGate device is configured to require authentication, while the other is not.
Which two conditions would prevent a static route from being added to the routing table? (Choose two.)
AThe next-hop IP address is unreachable.
BThe interface specified in the route configuration is down.
CThe route has a lower priority value than another route to the same destination.
DThere is another other route to the same destination, with a lower distance.
Refer to the exhibit, which contains the output of diagnose vpn tunnel list.
Which command will capture ESP traffic for the VPN named DialUp_0?
Adiagnose sniffer packet any 'host 10.0.10.10'
Bdiagnose sniffer packet any 'ip proto 50'
Cdiagnose sniffer packet any 'esp and host 10.200.3.2'
Ddiagnose sniffer packet any 'port 4500'
What are two functions of automation stitches? (Choose two.)
AYou can configure automation stitches on any FortiGate device in a Security Fabric environment.
BYou can create automation stitches to run diagnostic commands and attach the results to an email message when CPU or memory usage exceeds specified thresholds.
CAn automation stitch configured to execute actions sequentially can take parameters from previous actions as input for the current action.
DYou can set an automation stitch configured to execute actions in parallel to insert a specific delay between actions.
What is the diagnose test application ipsmonitor 5 command used for?
ATo disable the IPS engine
BTo provide information regarding IPS sessions
CTo restart all IPS engines and monitors
DTo enable IPS bypass mode
Refer to the exhibit, which shows the output of diagnose sys session stat.
Which statement about the output shown in the exhibit is correct?
AAll the sessions in the session table are TCP sessions.
B162 sessions have been deleted because of memory page exhaustion.
CThere are 166 TCP sessions waiting to complete the three-way handshake.
DThere are two sessions that have not been removed in case of any out-of- order packets that arrive.
Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command. Based on the output, which two statements are correct? (Choose two.)
AAnti-replay is enabled.
BThe npu_flag for this tunnel is 03.
CThe npu_flag for this tunnel is 02.
DDifferent SPI values are a result of auto-negotiation being disabled for phase 2 selectors.
Refer to the exhibits, which show the configuration on FortiGate and partial session information for internet traffic from a user on the internal network.
If the priority on route ID 2 were changed from 10 to 0, what would happen to traffic matching that user session?
AThe session would be deleted, and the client would need to start a new session.
BThe session would remain in the session table, but its traffic would now egress from both port1 and port2.
CThe session would remain in the session table, and its traffic would egress from port2.
DThe session would remain in the session table, and its traffic would egress from port1.
Refer to the exhibit, which shows the output of get router info ospf neighbor.
What can you conclude from the command output?
AThe local FortiGate is not a DROther.
BAll neighbors are in area 0.0.0.0.
CThe local FortiGate is the BDR.
DThe network type connecting the local Fortigate and OSPF neighbor 0.0.0.10 is point-to-point.
Refer to the exhibit, which shows the output of a BGP debug command.
Which statement explains why the state of the 10.200.3.1 peer is Connect?
AThe local router initiated the BGP session to 10.200.3.1 but did not receive a response.
BThe local router is receiving BGP keepalives from the remote peer, but the local peer has not received the OpenConfirm yet.
CThe router 10.200.3.1 has authentication configured for BGP and the local router does not.
DThe local router has a different AS number than the remote peer.
Refer to the exhibit, which shows the modified output of the routing kernel.
Which statement is true?
AThe BGP route to 10.0.4.0/24 is not in the forwarding information base.
BThe default static route through port2 is in the forwarding information base.
CThe default static route through 10.200.1.254 is not in the forwarding information base.
DThe egress interface associated with static route 8.8.8.8/32 is administratively up.
Which statement is correct regarding LDAP authentication using the regular bind type?
AThe regular bind type goes through four steps to successfully authenticate a user.
BThe regular bind type cannot be used if users are authenticated using sAMAccountName.
CThe regular bind type is the easiest bind type to configure on FortiOS.
DThe regular bind type requires a FortiGate super_admin account.
Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate 1500D.
An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.
Which two commands allow the administrator to view the traffic? (Choose two.)
Adiagnose npu np6 port-list disable 5 17
B
Cdiagnose npu np6 fastpath disable 0
D
Which statement about IKE and IKE NAT-T is true?
AIKE is used to encapsulate ESP traffic in some situations, and IKE NAT-T is used only when the local FortiGate is using NAT on the IPsec interface.
BIKE is the standard implementation for IKEv1 and IKE NAT-T is an extension added in IKEv2.
CThey each use their own IP protocol number.
DThey both use UDP as their transport protocol and the port number is configurable.
Preview
