01. What does the dirty flag mean in a FortiGate session?
a) Traffic has been blocked by the antivirus inspection.
b) The next packet must be re-evaluated against the firewall policies.
c) The session must be removed from the former primary unit after an HA failover.
d) Traffic has been identified as from an application that is not allowed.
02. Which statement about administrative domains (ADOMs) on FortiManager is true?
a) The number of configurable ADOMs is based on the FortiManager FortiCare service contract.
b) The ADOM feature can be enabled by any administrative user.
c) FortiGate devices with multiple VDOMs must be assigned to the same ADOM on FortiManager.
d) ADOMs allow grouping of managed devices based on management criteria and administrative access.
03. When does a RADIUS server send an Access-Challenge packet?
a) The server does not have the user credentials yet.
b) The server requires more information from the user, such as the token code for two-factor authentication.
c) The user credentials are wrong.
d) The user account is not found in the server.
04. Which of the following statements are correct regarding application layer test commands?
(Choose two.)
a) They are used to filter real-time debugs.
b) They display real-time application debugs.
c) Some of them display statistics and configuration information about a feature or process.
d) Some of them can be used to restart an application.
05. An administrator has enabled HA session synchronization in a HA cluster with two members. Which flag is added to a primary unit’s session to indicate that it has been synchronized to the secondary unit?
a) redir.
b) dirty.
c) nds.
d) synced.
06. The CLI command set intelligent-mode <enable | disable> controls the IPS engine’s adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?
a) Determines the optimal number of IPS engines required based on system load.
b) Downloads signatures on demand from FDS based on scanning requirements.
c) Determines when it is secure enough to stop scanning session traffic.
d) Choose a matching algorithm based on available memory and the type of inspection being performed.
07. What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?
a) av-failopen
b) mem-failopen
c) utm-failopen
d) ips-failopen
08. A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem?
(Choose two.)
a) Firewall monitor.
b) Policy monitor.
c) Logs.
d) Crashlogs.
09. How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
a) FortiManager can download and maintain local copies of FortiGuard databases.
b) FortiManager supports only FortiGuard push to managed devices.
c) FortiManager will respond to update requests only if they originate from a managed device.
d) FortiManager does not support rating requests.
10. Which configuration can be used to reduce the number of BGP sessions in an IBGP network?
a) Neighbor range
b) Next-hop-self
c) Route reflector
d) Neighbor group