Win IT Exam with Last Dumps 2025

Which statement about video filtering on FortiGate is true?

A. Full SSL inspection is not required. B. It is available only on a proxy-based firewall policy. C. It inspects video files hosted on file sharing services. D. Video filtering FortiGuard categories are based on web filter FortiGuard categories.

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)

A. Full Content inspection B. Proxy-based inspection C. Certificate inspection D. Flow-based inspection

Which type of logs on FortiGate record information about traffic directly to and from the FortiGate management IP addresses?

A. System event logs B. Security logs C. Forward traffic logs D. Local traffic logs

How does FortiGate act when using SSL VPN in web mode?

A. FortiGate acts as an HTTP reverse proxy. B. FortiGate acts as router. C. FortiGate acts as DNS server. D. FortiGate acts as an FDS server.

Which two statements are correct about NGFW Policy-based mode? (Choose two.)

A. NGFW policy-based mode supports creating applications and web filtering categories directly in a firewall policy. B. NGFW policy-based mode can only be applied globally and not on individual VDOMs. C. NGFW policy-based mode does not require the use of central source NAT policy. D. NGFW policy-based mode policies support only flow inspection.

Refer to the exhibits.The exhibits contain a network diagram, virtual IP, IP pool, and firewall policies configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled using IP Pool.The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP address 10.0.1.10?

A. 10.200.1.100 B. 10.200.1.10 C. 10.200.1.1 D. 10.200.3.1

Which two statements about antivirus scanning mode are true? (Choose two.)

A. In proxy-based inspection mode, files bigger than the buffer size are scanned. B. In flow-based inspection mode, files bigger than the buffer size are scanned. C. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client. D. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.

Which two statements are true about the FGCP protocol? (Choose two.)

A. Is used to discover FortiGate devices in different HA groups B. Runs only over the heartbeat links C. Elects the primary FortiGate device D. Not used when FortiGate is in Transparent mode

Refer to the web filter raw logs.
Based on the raw logs shown in the exhibit, which statement is correct?

A. The name of the firewall policy is all_users_web. B. Social networking web filter category is configured with the action set to authenticate. C. The action on firewall policy ID 1 is set to warning. D. Access to the social networking web filter category was explicitly blocked to all users.

Refer to the exhibit.
An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic.
Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)

A. The Detection Mode setting is not set to Passive. B. Administrator didn't configure a gateway for the SD-WAN members, or configured gateway is not valid. C. The configured participants are not SD-WAN members. D. The Enable probe packets setting is not enabled.