Page: 1
/ 12
Total 60 questions
Which three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
- A. OSPF interface network types match.
- B. OSPF router IDs are unique.
- C. OSPF interface priority settings are unique.
- D. Authentication settings match.
- E. OSPF link costs match.
Answer : ABD
Refer to the exhibit, which contains partial output from an IKE real-time debug.
The administrator does not have access to the remote gateway.
Based on the debug output, which configuration change can the administrator make to the local gateway to resolve the phase 1 negotiation error?
- A. In the phase 1 network configuration, set the IKE version to 2.
- B. In the phase 1 proposal configuration, add AES128-SHA128 to the list of encryption algorithms.
- C. In the phase 1 proposal configuration, add AESCBC-SHA2 to the list of encryption algorithms.
- D. In the phase 1 proposal configuration, add AES256-SHA256 to the list of encryption algorithms.
Answer : D
Refer to the exhibit, which shows the output of a web filtering diagnose command.
Which configuration change would result in non-zero results in the cache statistics section?
- A. set server-type rating under config system central-management
- B. set webfilter-cache enable under config system fortiguard
- C. set webfilter-force-off disable under config system fortiguard
- D. set ngfw-mode policy-based under config system settings
Answer : B
Refer to the exhibits, which show the configuration on FortiGate and partial session information for internet traffic from a user on the internal network.
If the priority on route ID 2 were changed from 10 to 0, what would happen to traffic matching that user session?
- A. The session would remain in the session table, but its traffic would now egress from both port1 and port2.
- B. The session would remain in the session table, and its traffic would egress from port2.
- C. The session would be deleted, and the client would need to start a new session.
- D. The session would remain in the session table, and its traffic would egress from port1.
Answer : B
Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.
An administrator would like to test session failover between the two service provider connections.
What changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two.)
- A. Configure set snat-route-change enable.
- B. Change the priority of the port2 static route to 5.
- C. Change the priority of the port1 static route to 11.
- D. unset snat-route-change to return it to the default setting.
Answer : AB
31 days access 