Refer to the exhibit. Given the routing database shown in the exhibit, which two statements are correct? (Choose two.)
A. The port3 default route has the lowest metric.
B. There will be eight routes active in the routing table.
C. The port1 and port2 default routes are active in the routing table.
D. The port3 default route has the highest distance.
Question 42
Which statement about the policy ID number of a firewall policy is true?
A. It changes when firewall policies are reordered.
B. It defines the order in which rules are processed.
C. It represents the number of objects used in the firewall policy.
D. It is required to modify a firewall policy using the CLI.
Question 43
Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)
A. Operating mode
B. NGFW mode
C. System time
D. FortiGuard update servers
Question 44
Refer to the exhibits. The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook. Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts. Which part of the policy configuration must you change to resolve the issue?
A. Add Facebook in the URL category in the security policy.
B. Additional application signatures are required to add to the security policy.
C. Force access to Facebook using the HTTP service.
D. The SSL inspection needs to be a deep content inspection.
Question 45
When configuring a firewall virtual wire pair policy, which following statement is true?
A. Any number of virtual wire pairs can be included, as long as the policy traffic direction is the same.
B. Only a single virtual wire pair can be included in each policy.
C. Any number of virtual wire pairs can be included in each policy, regardless of the policy traffic direction settings.
D. Exactly two virtual wire pairs need to be included in each policy.
Question 46
Refer to the exhibit, which contains a radius server configuration. An administrator added a configuration for a new RADIUS server. While configuring, the administrator selected the Include in every user group option. What will be the impact of using Include in every user group option in a RADIUS configuration?
A. This option places all FortiGate users and groups required to authenticate into the RADIUS server, which, in this case, is FortiAuthenticator.
B. This option places all users into every RADIUS user group, including groups that are used for the LDAP server on FortiGate.
C. This option places the RADIUS server, and all users who can authenticate against that server, into every FortiGate user group.
D. This option places the RADIUS server, and all users who can authenticate against that server, into every RADIUS group.
Question 47
By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard servers. Which CLI command will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering?
A. set fortiguard-anycast disable
B. set webfilter-force-off disable
C. set webfilter-cache disable
D. set protocol tcp
Question 48
Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)
A. NTP
B. DNS
C. FortiGate hostname
D. FortiGuard web filter cache
Question 49
An administrator wants to configure timeouts for users. Regardless of the user's behavior, the timer should start as soon as the user authenticates and expire after the configured value. Which timeout option should be configured on FortiGate?
