Review the VPN configuration shown in the exhibit. What is the Forward Error Correction behavior if the SD-WAN network traffic download is 500 Mbps and has 8% of packet loss in the environment?
A. 1 redundant packet for every 10 base packets
B. 3 redundant packet for every 5 base packets
C. 2 redundant packet for every 8 base packets
D. 3 redundant packet for every 9 base packets
Question 2
You are running a diagnose command continuously as traffic flows through a platform with NP6 and you obtain the following output: Given the information shown in the output, which two statements are true? (Choose two.)
A. Enabling bandwidth control between the ISF and the NP will change the output
B. The output is showing a packet descriptor queue accumulated counter
C. Enable HPE shaper for the NP6 will change the output
D. Host-shortcut mode is enabled
E. There are packet drops at the XAUI
Question 3
Which two methods are supported for importing user defined Lookup Table Data into the FortiSIEM? (Choose two.)
A. Report
B. FTP
C. API
D. SCP
Question 4
What is the benefit of using FortiGate NAC LAN Segments?
A. It provides support for multiple DHCP servers within the same VLAN
B. It provides physical isolation without changing the IP address of hosts
C. It provides support for IGMP snooping between hosts within the same VLAN
D. It allows for assignment of dynamic address objects matching NAC policy
Question 5
You are troubleshooting a FortiMail Cloud service integrated with Office 365 where outgoing emails are not reaching the recipients’ mail. What are two possible reasons for this problem? (Choose two.)
A. The FortiMail access control rule to relay from Office 365 servers FQDN is missing
B. The FortiMail DKIM key was not set using the Auto Generation option
C. The FortiMail access control rules to relay from Office 365 servers public IPs are missing.
D. A Mail Flow connector from the Exchange Admin Center has not been set properly to the FortiMail Cloud FQDN
Question 6
Refer to the exhibit. FortiManager is configured with the Jinja Script under CLI Templates shown in the exhibit. Which two statements correctly describe the expected behavior when running this template? (Choose two.)
A. The Jinja template will automatically map the interface with “WAN” role on the managed FortiGate
B. The template will work if you change the variable format to $(WAN).
C. The template will work if you change the variable format to {{ WAN }}.
D. The administrator must first manually map the interface for each device with a meta field
E. The template will fail because this configuration can only be applied with a CLI or TCL script.
Question 7
SD-WAN is configured on a FortiGate. You notice that when one of the internet links has high latency the time to resolve names using DNS from FortiGate is very high. You must ensure that the FortiGate DNS resolution times are as low as possible with the least amount of work. What should you configure?
A. Configure local out traffic to use the outgoing interface based on SD-WAN rules with a manual defined IP associated to a loopback interface and configure an SD-WAN rule from the loopback to the DNS server.
B. Configure an SD-WAN rule to the DNS server and use the FortiGate interface IPs in the source address.
C. Configure two DNS servers and use DNS servers recommended by the two internet providers.
D. Configure local out traffic to use the outgoing interface based on SD-WAN rules with the interface IP and configure an SD-WAN rule to the DNS server.
Question 8
Refer to the exhibits. A customer is trying to set up a VPN with a FortiGate, but they do not have a backup of the configuration. Output during a troubleshooting session is shown in the exhibits A and B and a baseline VPN configuration is shown in Exhibit C. Referring to the exhibits, which configuration will restore VPN connectivity?
A.
B.
C.
D.
Question 9
An HA topology is using the following configuration: Based on this configuration, how long will it take for a failover to be detected by the secondary cluster member?
A. 600ms
B. 200ms
C. 300ms
D. 100ms
Question 10
Refer to the exhibit. You have deployed a security fabric with three FortiGate devices as shown in the exhibit. FGT_2 has the following configuration:
config system csf set fabric-object-unification local end
FGT_1 and FGT_3 are configured with the default setting. Which statement is true for the synchronization of fabric-objects?
A. Objects from the FortiGate FGT_2 will be synchronized to the upstream FortiGate
B. Objects from the root FortiGate will only be synchronized to FGT_2
C. Objects from the root FortiGate will not be synchronized to any downstream FortiGate
D. Objects from the root FortiGate will only be synchronized to FGT_3
