Click the Exhibit button.
Central NAT was configured on a FortiGate firewall. A sniffer shows ICMP packets out to a host on the
Internet egresses with the port1 IP address instead of the virtual IP(VIP) that was configured.
Referring to the exhibit, which configuration will ensure that ICMP traffic is also translated?
C
You configured a firewall policy with only a Web filter profile for accessing the Internet. Access to
websites belonging to the "Information Technology" category are blocked and to the "Business"
category are allowed. SSL deep inspection is not enabled on this policy.
A user wants to access the website
https://www.it-acme.com
which presents a certificate with
CN=www.acme.com. The it-acme.com domain is categorized as "Information Technology" and the
acme.com domain is categorized as "Business".
Which statement regarding this scenario is correct?
B
A FortOS devices is used for termination of VPNs for number of remote spoke VPN units (designated
group A spokes) using a phase 1 main mode dial-up tunnel using pre-shared. Your company recently
acquired another organization. You are asked establish VPN correctively for the newly acquired
organization's sites which new devices will be provisioned (designated Group B spokes). Both exiting
(Group A) and new (Group B) spoke units are dynamically addressed. You are asked to ensure that
spokes from the acquired organization (Group B) have different access permission than your existing
VPN spokes (Group A).
Which two solutions meet the represents for the new spoke group? (Choose two.)
CD
Click the Exhibit button.
Only users authenticated in FortiGate-B can reach the server. A customer wants to deploy a single
sign-on solution for IPsec VPN users. Once a user is connected and authenticated to the VPN in
FortiGate-A, the user does not need to authenticate again in FortiGate B to reach the server.
Which two actions satisfy this requirement? (Choose two.)
BC
Click the Exhibit button. An administrator implements a multi-chassis link aggregation (MCLAG)
solution using two FortiSwitch 448Ds and one FortiGate 3700D. As describes in the network topology
shown in the exhibit, two links are connected to each FortiSwitch. What is requires to implement this
solution? (Choose two.)
CD
You must create a high Availability deployment with two FortiWebs in Amazon Services (AWS): each
on different Availability Zones(AZ) from the same region. At the same time, each FortiWeb should be
able to deliver content from the Web server of both of the AZs. Which deployment would will this
requirement?
D
Explanation:
https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sb-aws-automatically-scale-
cloud-security.pdf
You are asked to implement a single FortiGate 5000 chassis using Session-aware Load Balance Cluster
(SLBC) with Active Passive FortinControllers. Both FortiControllers have the configuration shown
below, with the rest of the configuration set to the default values:
onfig system ha
set mode dual
set password fortinetnse8
set group-id 5
set chassis-id 1
set minimize-chassis-failover enable
set hbdev b1
end
Both FortiControllers show Master status. What is the problem in this scenario?
C
Click the Exhibit button.
Referring to the exhibit, which two statements are true about local authentication? (Choose two.)
BD
Exhibit
Click the Exhibit button.
You have deployed several perimeter FortiGates with internal segmentation FortiGates behind them.
All FortiGate devices are logging to FortiAnalyzer. When you search the logs in FortiAnalyzer for
denied traffic, you see numerous log messages, as shown in the exhibit, on your perimeter
FortiGates only.
Which two actions would reduce the number of these log messages? (Choose two.)
BC
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD40788
Click the Exhibit button.
Your company has two data centers (DC) connected using a Layer 3 network. Servers in farm A need
to connect to servers in farm B as though they all were in the same Layer 2 segment. What would be
configured on the FortiGates on each DC to allow such connectivity?
C
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD40170
Anti-Virus Real-Time Protection is enabled without any exclusions.
Referring to the exhibit, which two behaviors will the FortiClient endpoint have after receiving the
profile update from the FortiClient EMS? (Choose two.)
BD
Explanation:
https://docs.fortinet.com/document/forticlient/6.0.0/ems-administration-guide/324667/sandbox-
detection
FortiMail configured with the protected domain "internal lab".
Which two envelopes addresses will need an access control rule to relay e-mail sent for
unauthenticated users? (Choose two.)
AD
Explanation:
https://help.fortinet.com/fmail/5-3-6/admin/index.html#page/FortiMail_Online_Help/policy_09_10.html
Exhibit
Click the Exhibit button.
The exhibit shows the configuration of a service protection profile (SPP) in a FortiDDoS device.
Which two statements are true about the traffic matching being inspected by this SPP? (Choose two.)
AD
Explanation:
https://help.fortinet.com/fddos/4-3-0/FortiDDoS/Configuring_SPP_settings.htm
SYN cookieSends a SYN/ACK with a cookie value in the TCP sequence field. If it receives an ACK
back with the right cookie, an RST/ACK packet is sent and the IP address is added to the legitimate IP
address table. If the client then retries, it succeeds in making a TCP connection.
So apparently, the very first SYN/ACK with a cookie value is sent when the IP address is not in the
legitimate IP address table yet.
A company has just deployed a new FortiMail in gateway mode. The administrator is asked to
strengthen e-mail protection by applying the policies shown below.
- E-mails can only be accepted if a valid e-mail account exists.
- Only authenticated users can send e-mails out
Which two actions will satisfy the requirements? (Choose two. )
AD
Refer to the exhibit.
You log into FortiManager, access the Device Manager window and notice that one of the managed
devices is not in normal status.
Referring to the exhibit, which two statements correctly describe the status and result of the affected
device? (Choose two.)
CD