01. Which three steps does FortiGate execute using the pull method to get antivirus and IPS updates?
(Choose three.)
a) FortiGate starts sending rating queries to one of the servers in the list.
b) FortiGate gets a list of server IP addresses that it can contact.
c) FortiGate contacts a DNS server to resolve the FortiGuard domain name.
d) FortiGate registers its public IP address in FortiGuard.
e) FortiGate periodically queries for pending updates.
02. Examine these partial outputs from two routing debug commands:
# get router info routing-table database
S 0.0.0.0/0 [20/0] via 100.64.2.254, port2, [10/0]
S *> 0.0.0.0/0 [10/0] via 100.64.1.254, port1
# get router info routing-table all
S* 0.0.0.0/0 [10/0] via 100.64.1.254, port1
Why is the default route that uses port2 not in the output of the second command?
a) It has a higher distance than the default route using port1.
b) Only one default route can be present in an active routing table.
c) It has a higher priority than the default route using port1.
d) It is disabled in the FortiGate configuration.
03. Which two configuration commands change the default behavior for proxy-based content-inspected traffic while FortiGate is in conserve mode?
(Choose two.)
a) set fail-open enable
b) set ips fail-open disable
c) set av-failopen off
d) set av-failopen one-shot
04. For IKEv2, which combination of payloads can INFORMATIONAL exchanges contain?
a) Initiator, Responder, and Wait
b) Start, Wait, and Delete
c) Create, Remove, and Wait
d) Notify, Delete, and Configuration
05. Refer to the exhibits, which contain the partial configurations of two VPNs on FortiGate.
You have configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, you discover that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must the administrator make to fix the issue?
(Choose two.)
a) Use different pre-shared keys on both VPNs.
b) Set up specific peer IDs on both VPNs.
c) Change to aggressive mode on both VPNs.
d) Enable XAuth on both VPNs.
06. Which command do you use to enable a timestamp in a real-time debug?
a) diagnose timestamp enable
b) diagnose debug application timestamp enable
c) diagnose debug console timestamp enable
d) diagnose application timestamp enable
07. View the exhibit:
Given the output showing a real-time debug, which statement describes why the update is failing?
a) FortiGate is unable to resolve the required FQDN (service.fortiguard.net) for antivirus and IPS updates.
b) FortiGate is unable to establish a TCP connection with FDS.
c) The administrator should use the execute update-wf command instead.
d) The update should be using port 53 or port 8888, instead of port 443.
08. In an FSSO environment, a user is listed as active on FortiGate but cannot browse the internet. Which factor do you not need to verify as a potential problem?
a) The connectivity between the collector agent and FortiGate
b) Whether there is a valid firewall policy
c) The user’s group information
d) That the user’s IP address is in the list of active FSSO users
09. View the exhibit:
Which two statements about this session are correct?
(Choose two.)
a) This session terminates or originates on FortiGate.
b) This is a TCP session that was blocked by firewall policy ID 0.
c) It is a UDP session that has seen traffic flow both ways.
d) It is a TCP session in SYN_SENT state.
10. Which two configuration changes can you apply to optimize memory use on FortiGate?
(Choose two.)
a) Increase the maximum file size for AV inspection.
b) Decrease the session TTL.
c) Increase TCP session timers.
d) Use flow-based inspection.
e) Reduce the FortiGuard cache TTL.