Refer to exhibits.
Exhibit A shows the performance SLA exhibit B shows the SD-WAN diagnostics output. Based on the exhibits, which statement is correct?
A. Both SD-WAN member interfaces have used separate SLA targets.
B. The SLA state of port1 is dead after five unanswered requests by the SLA servers.
C. Port1 became dead 1ecause no traffic was offload through the egress of port1.
D. SD-WAN member interfaces are affected by the SLA state of the inactive interface
Refer to the exhibit.
Which two statements about the debug output are true? (Choose two)
A. The debug output shows per-IP shaper values and real-time readings.
B. FortiGate provides statistics and reading based on historical traffic logs.
C. Traffic being controlled by the traffic shaper is under 100 KB/s.
D. This traffic shaper drops traffic that exceeds the set limits.
Which diagnostic command can you use to show the SD-WAN rules interface information and state?
A. diagnose sys sdwan route-tag-list.
B. diagnose sys sdwan service.
C. diagnose sys sdwan member.
D. diagnose sys sdwan neighbor.
What would best describe the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?
A. Per-IP shaping mode
B. Reverse policy shaping mode
C. Interface-based shaping mode
D. Shared policy shaping mode
Refer to the exhibit
Based on the exhibit, which two statements about existing sessions on FortiGate after a firewall policy change, are true?(Choose two.)
A. The old sessions terminate after a policy change
B. Existing sessions remain unchanged after a policy change
C. All sessions are flushed by FortiGate after a policy change
D. FortiGate re-evaluates new packets after a policy change
In which two ways does FortiGate learn the FortiManager IP address or FQDN for zero-touch provisioning? (Choose two.)
A. From a FortiGuard definitions update
B. From the central management configuration configured in FortiDeploy
C. From a DHCP server configured with options 240 or 241
D. From another FortiGate device in the same local network
Refer to the exhibit.
Multiple IPsec VPNs are formed between two hub-and-spokes groups, and site-to-site between Hub 1 and Hub 2 The administrator configured ADVPN on the dual regions topology
Which two statements are correct if a dynamic site-to-site tunne1 between Toronto and London has been established? (Choose two)
A. auto-discovery-receiver is enabled on the egress VPN interfaces on the spokes
B. auto-discovery-sender is enabled on the ingress VPN interfaces on hubs
C. tunnel-search IS set to phase 2 quick mode selectors
D. add-route is enabled to install static routes on hub devices
E. auto-discovery-forwarder IS enabled on all VPN interfaces
Refer to the exhibit.
Which two conclusions for traffic that matches the traffic shaper are true? (Choose two.)
A. The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.
B. The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.
C. The traffic shaper drops packets if the bandwidth is less than 2500 KBps.
D. The measured bandwidth is less than 100 KBps.
Refer to the exhibit.
Which two statements about the IPsec VPN configuration and the status of the IPsec VPN tunnel are true? (Choose two.)
A. FortiGate creates separate virtual interfaces for each dial-up client.
B. FortiGate creates a single IPsec virtual interface that is shared by all clients.
C. FortiGate maps the remote gateway 100.64.3.1 to tunnel index interface 1.
D. FortiGate does not install IPsec static routes for remote protected networks in the routing table.
Which two benefits from using forward error correction (FEC) in IPsec VPNs are true? (Choose two.)
A. FEC transmits the original payload in full to recover the error in transmission.
B. FEC reduces the stress on the remote device buffer to reconstruct packet loss.
C. FEC transmits additional packets as redundant data to the remote device.
D. FEC improves reliability, which overcomes adverse WAN conditions such as noisy links.
