Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)
Answer : BD
An administrator does not want to report the logon events of service accounts to FortiGate.
What setting on the collector agent is required to achieve this?
Answer : D
Refer to the exhibit.
The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.
The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access the Internet. The To_Internet VDOM is the only VDOM with internet access and is directly connected to ISP modem.
Which two statements are true? (Choose two.)
Answer : AD
Why does FortiGate keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?
Answer : D
Refer to the exhibits.
The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook.
Exhibit A.
Exhibit B.
Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?
Answer : D
Which two statements are correct about a software switch on FortiGate? (Choose two.)
Answer : AC
Refer to the exhibit.
The global settings on a FortiGate device must be changed to align with company security policies.
What does the Administrator account need to access the FortiGate global settings?
Answer : C
Which two statements are correct about NGFW Policy-based mode? (Choose two.)
Answer : CD
Refer to the exhibit showing a debug flow output.
Which two statements about the debug flow output are correct? (Choose two.)
Answer : AC
Refer to the exhibit, which contains a radius server configuration.
An administrator added a configuration for a new RADIUS server. While configuring, the administrator selected the Include in every user group option.
What will be the impact of using Include in every user group option in a RADIUS configuration?
Answer : A
Which statement is true about SSL VPN web mode?
Answer : A
Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?
Answer : B
An administrator has configured the following settings:
What are the two results of this configuration? (Choose two.)
Answer : CD
Refer to the exhibit.
An administrator is running a sniffer command as shown in the exhibit.
Which three pieces of information are included in the sniffer output? (Choose three.)
Answer : BCE
A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic. In addition, the remote peer does not support a dynamic DNS update service.
What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to work?
Answer : C