Practice Exam Flashcards
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
A. It limits the scanning of application traffic to the browser-based technology category only.
B. It limits the scanning of application traffic to use parent signatures only.
C. It limits the scanning of application traffic to use parent signatures only.
D. It limits the scanning of application traffic to the application category only.
A. It limits the scanning of application traffic to the browser-based technology category only.
Refer to the exhibits.
The exhibits show the firewall policies and the objects used in the firewall policies.
The administrator is using the Policy Lookup feature and has entered the search criteria shown in the exhibit. (See screenshot-A and screenshot-b).
Which Policy will be highlighted, based on the input criteria?
A. Policy with ID 4.
B. Policy with ID 5.
C. Policies with ID 2 and 3.
D. Policy with ID 4.
B. Policy with ID 5.
FortiGate is operating in NAT mode and is configured with two virtual LAN (VLAN) subinterfaces added to the same physical interface. In this scenario, what are two requirements for the VLAN ID? (Choose two.)
A. The two VLAN subinterfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.
B. The two VLAN subinterfaces can have the same VLAN ID, only if they belong to different VDOMs.
C. The two VLAN subinterfaces must have different VLAN IDs.
D. The two VLAN subinterfaces can have the same VLAN ID, only if they have IP addresses from different subnets.
B. The two VLAN subinterfaces can have the same VLAN ID, only if they belong to different VDOMs.
C. The two VLAN subinterfaces must have different VLAN IDs.
An administrator has configured a strict RPF check on Fortigate.
How does strict RPF check work?
A. Strict RPF allows packets back to sources with all active routes.
B. Strict RPF checks best route back to the source using the incoming interface.
C. Strict RPF checks only the existence of at least one active route back to the source using the incoming interface.
D. Strict RPF check is run on the first sent and reply packet of any new session.
C. Strict RPF checks only the existence of at least one active route back to the source using the incoming interface.
An administrator has configured the following settings:
config system settings
set ses-denied-traffic enable
end
config system global
set block-session-timer 30
end
What are the two results of this configuration? (Choose two.)
A. Device detection on all interfaces is enforced for 30 minutes.
B. Denied users are blocked for 30 minutes.
C. The number of logs generated by denied traffic is reduced.
D. A session for denied traffic is created.
Refer to the exhibits.
The exhibits show the SSL and authentication policy (Exhibit A) and the security policy for Facebook.
Users are given access to the Facebook web application. They can play video content hosted on Facebook, but they are unable to leave reactions on videos or other types of posts. (See screenshot-C and screenshot-D).
Which part of the policy configuration must you change to resolve the issue?
A. Force access to Facebook using the HTTP service.
B. Make the SSL inspection a deep content inspection.
C. Add Facebook in the URL category in the security policy.
D. Get the additional application signatures required to add to the security policy.
Refer to the exhibits.
An administrator creates a new address object on the root FortiGate (Local-FortiGate) in the security fabric. After synchronization, this object is not available on the downstream FortiGate (ISFW).