An administrator is running the following sniffer in a FortiGate: diagnose sniffer packet any "host 10.0.2.10" 2
What information is included in the output of the sniffer? (Choose two.)
A. Ethernet headers.
B. IP payload.
C. IP headers.
D. Port names.
The logs in a FSSO collector agent (CA) are showing the following error: failed to connect to registry: PIKA1026 (192.168.12.232)
What can be the reason for this error?
A. The CA cannot resolve the name of the workstation.
B. The FortiGate cannot resolve the name of the workstation.
C. The remote registry service is not running in the workstation 192.168.12.232.
D. The CA cannot reach the FortiGate with the IP address 192.168.12.232.
A FortiGate has two default routes: All Internet traffic is currently using port1. The exhibit shows partial information for one sample session of Internet traffic from an internal user:
What would happen with the traffic matching the above session if the priority on the first default route (IDd1) were changed from 5 to 20?
A. Session would remain in the session table and its traffic would keep using port1 as the outgoing interface.
B. Session would remain in the session table and its traffic would start using port2 as the outgoing interface.
C. Session would be deleted, so the client would need to start a new session.
D. Session would remain in the session table and its traffic would be shared between port1 and port2.
View the exhibit, which contains an entry in the session table, and then answer the question below.
Which one of the following statements is true regarding FortiGate's inspection of this session?
A. FortiGate applied proxy-based inspection.
B. FortiGate forwarded this session without any inspection.
C. FortiGate applied flow-based inspection.
D. FortiGate applied explicit proxy-based inspection.
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.
Why didn't the tunnel come up?
A. The pre-shared keys do not match.
B. The remote gateway's phase 2 configuration does not match the local gateway's phase 2 configuration.
C. The remote gateway's phase 1 configuration does not match the local gateway's phase 1 configuration.
D. The remote gateway is using aggressive mode and the local gateway is configured to use man mode.
Which of the following statements are correct regarding application layer test commands? (Choose two.)
A. They are used to filter real-time debugs.
B. They display real-time application debugs.
C. Some of them display statistics and configuration information about a feature or process.
D. Some of them can be used to restart an application.
View the exhibit, which contains the output of a debug command, and then answer the question below.
Which one of the following statements about this FortiGate is correct?
A. It is currently in system conserve mode because of high CPU usage.
B. It is currently in extreme conserve mode because of high memory usage.
C. It is currently in proxy conserve mode because of high memory usage.
D. It is currently in memory conserve mode because of high memory usage.
View the exhibit, which contains the output of a BGP debug command, and then answer the question below.
Which of the following statements about the exhibit are true? (Choose two.)
A. The local router's BGP state is Established with the 10.125.0.60 peer.
B. Since the counters were last reset; the 10.200.3.1 peer has never been down.
C. The local router has received a total of three BGP prefixes from all peers.
D. The local router has not established a TCP session with 100.64.3.1.
Refer to the exhibit, which contains a TCL script configuration on FortiManager.
An administrator has configured the TCL script on FortiManager, but failed to apply any changes to the
managed device after being executed.
Why did the TCL script fail to make any changes to the managed device?
A. Changes in an interface configuration can only be done by CLI script.
B. The TCL script must start with #include <>.
C. Incomplete commands are ignored in TCL scripts.
D. The TCL command run_cmd has not been created.
Refer to the exhibit, which contains the output of get system ha status. Which two statements about the output are true? (Choose two.)
A. The slave configuration is synchronized with the master.
B. port7 is used as the HA heartbeat on all devices in the cluster.
C. Master is selected based on the priority configured under config system ha.
D. The HA management IP is 169.254.0.2.
