During the digital verification process, comparing the original and fresh hash results satisfies which security requirement?
A. Authentication.
B. Data integrity.
C. Non-repudiation.
D. Signature verification.
Examine the exhibit, which shows the output of a web filtering real time debug.
Why is the site www.bing.com being blocked?
A. The web site www.bing.com is categorized by FortiGuard as Malicious Websites.
B. The user has not authenticated with the FortiGate yet.
C. The web server IP address 204.79.197.200 is categorized by FortiGuard as Malicious Websites.
D. The rating for the web site www.bing.com has been locally overridden to a category that is being blocked.
If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?
A. A CRL
B. A person
C. A subordinate CA
D. A root CA
A team manager has decided that while some members of the team need access to particular website, the majority of the team does not. Which configuration option is the most effective option to support this request?
A. Implement a web filter category override for the specified website.
B. Implement web filter authentication for the specified website
C. Implement web filter quotas for the specified website.
D. Implement DNS filter for the specified website.
Which statement about DLP on FortiGate is true?
A. It can archive files and messages.
B. It can be applied to a firewall policy in a flow-based VDOM
C. Traffic shaping can be applied to DLP sensors.
D. Files can be sent to FortiSandbox for detecting DLP threats.
An administrator needs to create an SSL-VPN connection for accessing an internal server using the bookmark Port Forward. What step is required for this configuration?
A. Configure an SSL VPN realm for clients to use the port forward bookmark.
B. Configure the client application to forward IP traffic through FortiClient.
C. Configure the virtual IP address to be assigned to the SSL VPN users.
D. Configure the client application to forward IP traffic to a Java applet proxy.
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
A. It limits the scope of application control to the browser-based technology category only.
B. It limits the scope of application control to scan application traffic based on application category only.
C. It limits the scope of application control to scan application traffic using parent signatures only
D. It limits the scope of application control to scan application traffic on DNS protocol only.
Examine the IPS sensor and DoS policy configuration shown in the exhibit, then answer the question below.
When detecting attacks, which anomaly, signature, or filter will FortiGate evaluate first?
A. SMTP.Login.Brute.Force
B. IMAP.Login.brute.Force
C. ip_src_session
D. Location: server Protocol: SMTP
Which statement about the IP authentication header (AH) used by IPsec is true?
A. AH does not provide any data integrity or encryption.
B. AH does not support perfect forward secrecy.
C. AH provides data integrity bur no encryption.
D. AH provides strong data integrity but weak encryption.
What criteria does FortiGate use to look for a matching firewall policy to process traffic? (Choose two.)
A. Services defined in the firewall policy.
B. Incoming and outgoing interfaces
C. Highest to lowest priority defined in the firewall policy.
D. Lowest to highest policy ID number.