QUESTION 46
Refer to the exhibit, which shows a session table entry.

Which statement about FortiGate behavior relating to this session is true?

QUESTION 47
Which command is used to enable timestamp in a real-time debug?

QUESTION 48
Refer to the exhibit, which contains partial output from an IKE real-time debug.

Which two statements about this debug output are correct? (Choose two.)

QUESTION 49
Refer to the exhibit, which contains the partial output of a diagnose command.


Based on the output, which two statements are correct? (Choose two.)

QUESTION 50
In which two states is a given session categorized as ephemeral? (Choose two.)

QUESTION 51
Refer to the exhibits, which contain the partial configurations of two VPNs on FortiGate.


An administrator has configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, the administrator discovered that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must the administrator make to fix the issue? (Choose two.)

QUESTION 52
View the exhibit, which contains a session entry, and then answer the question below.

What statements are correct regarding this session? (Choose two.)

QUESTION 53
Refer to the exhibit, which shows the output of get system ha status. NGFW-1 and NGFW-2 have been up for a week.


Which two statements about the output are true? (Choose two.)

QUESTION 54
Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.

An administrator would like to test session failover between the two service provider connections.
What changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two.)

QUESTION 55
View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below.


Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?

QUESTION 56
Refer to the exhibit, which contains partial output from an IKE real-time debug.


The administrator does not have access to the remote gateway.
Based on the debug output, which configuration change can the administrator make to the local gateway to resolve the phase 1 negotiation error?

QUESTION 57
Which configuration can be used to reduce the number of BGP sessions in an IBGP network?

QUESTION 58
When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filler web requests when the client browser does not provide the server name indication (SNI) extension?

QUESTION 59
An administrator configured FGSP cluster members to encrypt the session synchronization. When the administrator takes a sniffer trace on the dedicated interface for the synchronization, the sniffer trace shows UDP packets only.
Which two reasons could cause the sniffer to capture only UDP packets? (Choose two.)

QUESTION 60
A FortiGate device has the following LDAP configuration:

The LDAP user student cannot authenticate.
The exhibit shows the output of the authentication real time debug while testing the student account:

Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)

QUESTION 61
Which statement about administrative domains (ADOMs) on FortiManager is true?

QUESTION 62
An administrator added the following Ipsec VPN to a FortiGate configuration:
configvpn ipsec phasel -interface
edit “RemoteSite”
set type dynamic
set interface “portl”
set mode main
set psksecret ENC LCVkCiK2E2PhVUzZe
next
end
config vpn ipsec phase2-interface
edit “RemoteSite”
set phasel name “RemoteSite”
set proposal 3des-sha256
next
end
However, the phase 1 negotiation is failing. The administrator executed the IKF real time debug while attempting the Ipsec connection.
The output is shown in the exhibit.

What is causing the IPsec problem in the phase 1?

QUESTION 63
Which two statements about application layer test commands are true? (Choose two.)

QUESTION 64
What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)

QUESTION 65
Refer to the exhibit, which contains a TCL script configuration on FortiManager.

An administrator has configured the TCL script on FortiManager, but failed to apply any changes to the managed device after being executed.
Why did the TCL script fail to make any changes to the managed device?

QUESTION 66
View the following exhibit:

What two statements about this session are correct? (Choose two.)

QUESTION 67
View the following exhibit, which contains the sniffer output for a passive mode FTP request.

An administrator has created the following custom IPS signature to block all FTP requests for passive mode: F-SBID (–attack_id 1002; –name “Block.FTP “; –protocol tcp; –flow from_client; –pattern
“PASV”; –no_case;) Soon after the signature is enabled in an active IPS sensor, some false positive detections are generated.
Which option and value pair will allow more specific detection?

QUESTION 68
View these partial outputs from two routing debug commands:

Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?

QUESTION 69
An LDAP user cannot authenticate against a FortiGate device.
Examine the real time debug output shown in the exhibit when the user attempted the authentication; then answer the question below.


Based on the output in the exhibit, what can cause this authentication problem?