- (Exam Topic 1)
Refer to the exhibit.
Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)
Correct Answer:CD
References: https://docs.fortinet.com/document/fortigate/5.6.0/cookbook/761085/results
https://docs.fortinet.com/document/fortimanager/6.2.0/new-features/736125/security-fabric-topology
- (Exam Topic 1)
Which two statements about FortiGate FSSO agentless polling mode are true? (Choose two.)
Correct Answer:BD
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732
- (Exam Topic 1)
Refer to the exhibit.
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up. but phase 2 fails to come up.
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?
Correct Answer:D
Reference: https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/168495
Encryption and authentication algorithm needs to match in order for IPSEC be successfully established.
- (Exam Topic 2)
An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?
Correct Answer:C
Reference: https://forum.fortinet.com/tm.aspx?m=120324
- (Exam Topic 2)
Which scanning technique on FortiGate can be enabled only on the CLI?
Correct Answer:A
Reference: https://docs.fortinet.com/document/fortigate/6.0.0/handbook/567568/enabling-scanning
- (Exam Topic 1)
Refer to the exhibit.
Which contains a session diagnostic output. Which statement is true about the session diagnostic output?
Correct Answer:A
Indicates TCP (proto=6) session in SYN_SENT state (proto=state=2) https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042