Which action does the FortiGate take when link health monitor times out?
A. All routes to the destination subnet configured in the link health monitor are removed from the routing table.
B. The distance values of all routes using interface configured in the link health monitor are increased.
C. The priority values of all routes using configured in the link health monitor are increased.
D. All routes using the next-hop gateway configured in the link health monitor are removed from the routing table.
What are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? (Choose two.)
A. DNS server must properly resolve all workstation names
B. The remote registry service must be running in all workstations
C. The collector agent must be installed in one of the Windows domain controllers
D. A same user cannot be logged in into two different workstations at the same time
Which are the three different types of Conserve Mode that can occur on a FortiGate device? (Choose three.)
A. Proxy
B. Operating system
C. Kernel
D. System
E. Device
A FortiGate is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root.
Which of the following settings will this administrator be able to configure? (Choose two.)
A. Firewall addresses
B. DHCP servers
C. FortiGuard Distribution Network configuration.
D. System hostname.
A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit.
Which of the following statements are true if the network administrator wants to route traffic between all the VDOMs? (Choose three.)
A. The administrator can configure inter-VDOM links to avoid using external interfaces and routers.
B. As with all FortiGate unit interfaces, firewall policies must be in place for traffic to be allowed to pass through any interface, including inter-VDOM links.
C. This configuration requires a router to be positioned between the FortiGate unit and the Internet for proper routing.
D. Inter-VDOM routing is automatically provided if all the subnets that need to be routed are locally attached.
E. As each VDOM has an independent routing table, routing rules need to be set (for example, static routing, OSPF) in each VDOM to route traffic between VDOMs.
Which statements are correct for port pairing and forwarding domains? (Choose two.)
A. They both create separate broadcast domains.
B. Port Pairing works only for physical interfaces.
C. Forwarding Domain only applies to virtual interfaces
D. They may contain physical and/or virtual interfaces.
What logging options are supported on a FortiGate unit? (Choose two.)
A. LDAP
B. Syslog
C. FortiAnalyzer
D. SNMP
Which of the following items is NOT a packet characteristic matched by a firewall service object?
A. ICMP type and code
B. TCP/UDP source and destination ports
C. IP protocol number
D. TCP sequence number
Which of the following authentication methods are supported in an IPsec phase 1? (Choose two.)
A. Asymmetric Keys
B. CA root digital certificates
C. RSA signature
D. Pre-shared keys
Which of the following statements are correct differences between NAT/route and transparent mode? (Choose two.)
A. In transparent mode, interfaces do not have IP addresses.
B. Firewall polices are only used in NAT/ route mode.
C. Static routers are only used in NAT/route mode.
D. Only transparent mode permits inline traffic inspection at layer 2.
