Refer to the exhibit showing a firewall policy configuration. Policies -To prevent unauthorized access of their cloud assets, an administrator wants to enforce authentication on firewall policy ID 1. What change does the administrator need to make?
Question 52
Refer to the exhibit. A customer wants FortiClient EMS configured to deploy to 1500 endpoints The deployment will be integrated with FortiOS and there is an Active Directory server. Given the configuration shown in the exhibit, which two statements about the installation are correct? (Choose two.)
Question 53
Refer to the exhibit showing FortiGate configurations. FortiManager VM high availability (HA) is not functioning as expected after being added to an existing deployment. The administrator finds that VRRP HA mode is selected, but primary and secondary roles are greyed out in the GUI. The managed devices never show online when FMG-B becomes primary, but they will show online whenever the FMG-A becomes primary. What change will correct HA functionality in this scenario?
Question 54
A remote IT Team is in the process of deploying a FortiGate in their lab. The closed environment has been configured to support zero-touch provisioning from the FortiManager, on the same network, via DHCP options. After waiting 15 minutes, they are reporting that the FortiGate received an IP address, but the zero-touch process failed. The exhibit below shows what the IT Team provided while troubleshooting this issue: Which statement explains why the FortiGate did not install its configuration from the FortiManager?
Question 55
Refer to the exhibit. A FortiWeb appliance is configured for load balancing web sessions to internal web servers. The Server Pool is configured as shown in the exhibit. How will the sessions be load balanced between server 1 and server 2 during normal operation?
Question 56
Refer to the exhibit, which shows a VPN topology. The device IP 10.1.100.40 downloads a file from the FTP server IP 192.168.4.50. Referring to the exhibit, what will be the traffic flow behavior if ADVPN is configured in this environment?
Question 57
Refer to the exhibits. Topology -Configuration -A customer has deployed a FortiGate with iBGP and eBGP routing enabled. HQ is receiving routes over eBGP from ISP 2; however, only certain routes are showing up in the routing table. Assume that BGP is working perfectly and that the only possible modifications to the routing table ate solely due to the prefix list that is applied on HQ. Given the exhibits, which two routes will be active in me routing table on the HQ firewall? (Choose two.)
Question 58
Refer to the exhibits. Topology -Configuration -The exhibits show a diagram of a requested topology and the base IPsec configuration. A customer asks you to configure ADVPN via two internet underlays. The requirement is that you use one interface with a single IP address on DC FortiGate. In this scenario, which feature should be implemented to achieve this requirement?
Question 59
You are creating the CLI script to be used on a new SD-WAN deployment. You will have branches with a different number of internet connections and want to be sure there is no need to change the Performance SLA configuration in case more connections are added to the branch. The current configuration is: Which configuration do you use for the Performance SLA members?
Question 60
You must configure an environment with dual-homed servers connected to a pair of FortiSwitch units using an MCLAG. Multicast traffic is expected in this environment, and should ensure unnecessary traffic is pruned from links that do not have a multicast listener. In which two ways must you configure the igmps-flood-traffic and igmps-flood-report settings? (Choose two.)