Question 41
Which statement about video filtering on FortiGate is true?
A. Video filtering FortiGuard categories are based on web filter FortiGuard categories.
B. It does not require a separate FortiGuard license.
C. Full SSL inspection is not required.
D. Otis available only on a proxy-based firewall policy.
Question 42
Which statement correctly describes NetAPI polling mode for the FSSO collector agent?
A. The collector agent must search Windows application event logs.
B. The NetSessionEnum function is used to track user logouts.
C. NetAPI polling can increase bandwidth usage in large networks.
D. The collector agent uses a Windows API to query DCs for user logins.
Question 43
What are two features of FortiGate FSSO agentless polling mode? (Choose two.)
A. FortiGate uses the SMB protocol to read the event viewer logs from the DCs.
B. FortiGate uses the AD server as the collector agent.
C. FortiGate directs the collector agent to use a remote LDAP server.
D. FortiGate does not support workstation check.
Question 44
Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?
A. Intrusion prevention system engine
B. Application control engine
C. Antivirus engine
D. Turbo engine
Question 45
Refer to the exhibit.
Based on the routing database shown in the exhibit, which two conclusions can you make about the routes? (Choose two.)
A. The port3 default route has the lowest metric.
B. The port1 and port2 default routes are active in the routing table.
C. The ports default route has the highest distance.
D. There will be eight routes active in the routing table.
Question 46
Refer to the exhibits.
The exhibits show a firewall policy (Exhibit A) and an antivirus profile (Exhibit B).
Why is the user unable to receive a block replacement message when downloading an infected file for the first time?
A. The firewall policy performs a full content inspection on the file.
B. The intrusion prevention security profile must be enabled when using flow-based inspection mode.
C. Flow-based inspection is used, which resets the last packet to the user.
D. The volume of traffic being inspected is too high for this model of FortiGate.
Question 47
Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)
A. FortiGuard web filter cache
B. FortiGate hostname
C. DNS
D. NTP
Question 48
On FortiGate, which type of logs record information about traffic directly to and from the FortiGate management IP addresses?
A. Forward traffic logs
B. Local traffic logs
C. Security logs
D. System event logs
Question 49
Refer to the exhibit.
Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit.
What do you conclude when adding the FTP.Login.Failed signature to the IPS sensor profile?
A. Traffic matching the signature will be allowed and logged.
B. The signature setting includes a group of other signatures.
C. Traffic matching the signature will be silently dropped and logged.
D. The signature setting uses a custom rating threshold.
Question 50
An administrator configures outgoing interface any in a firewall policy.
What is the result of the policy list view?
A. Search option is disabled.
B. Policy lookup is disabled.
C. By Sequence view is disabled.
D. Interface Pair view is disabled.
