Which two settings are required for SSL VPN to function between two FortiGate devices? (Choose two.)
Question 12
Which statement correctly describes the use of reliable logging on FortiGate?
Question 13
Refer to the exhibits. The exhibits contain a network diagram, and virtual IP, IP pool, and firewall policies configuration information. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port3) interface has the IP address 10.0.1.254/24. The first firewall policy has NAT enabled using IP pool. The second firewall policy is configured with a VIP as the destination address. Which IP address will be used to source NAT (SNAT) the internet traffic coming from a workstation with the IP address 10.0.1.10?
Question 14
Refer to the exhibit. The exhibit shows a diagram of a FortiGate device connected to the network, the firewall policy and VIP configuration on the FortiGate device, and the routing table on the ISP router. When the administrator tries to access the web server public address (203.0.113.2) from the internet, the connection times out. At the same time, the administrator runs a sniffer on FortiGate to capture incoming web traffic to the server and does not see any output. Based on the information shown in the exhibit, what configuration change must the administrator make to fix the connectivity issue?
Question 15
Which two statements are true about the FGCP protocol? (Choose two.)
Question 16
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. All traffic must be routed through the primary tunnel when both tunnels are up. The secondary tunnel must be used only if the primary tunnel goes down. In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover. Which two key configuration changes must the administrator make on FortiGate to meet the requirements? (Choose two.)
Question 17
What are two benefits of flow-based inspection compared to proxy-based inspection? (Choose two.)
Question 18
FortiGuard categories can be overridden and defined in different categories. To create a web rating override for the example. com home page, the override must be configured using a specific syntax. Which two syntaxes are correct to configure a web rating override for the home page? (Choose two.)
Question 19
Refer to exhibit. An administrator configured the web filtering profile shown in the exhibit to block access to all social networking sites except Twitter. However, when users try to access twitter. com, they are redirected to a FortiGuard web filtering block page. Based on the exhibit, which configuration change can the administrator make to allow Twitter while blocking all other social networking sites?
Question 20
Which three statements explain a flow-based antivirus profile? (Choose three.)
