You have a customer with a SCADA environmental control devices that is trigged a false- positive OPS alert whenever the device's Web GUI is accessed. You cannot seem to create a functional custom IPS filter expert this behavior, and it appears that the device is so old that it does HTTPS support. You need to prevent the false posited IPS alert occurring.
In this scenario, which two actions would accomplish this task? (Choose two.)
A. Create a very granular firewall for that device's IP address which does not perform IPS scanning.
B. Reconfigure the FortiGate to operate in proxy-based inspection mode instead of flow- based.
C. Create a URL filter with the exempt action for that device's IP address.
D. Change the relevant firewall policies to use SSL certificate-inspection instead of SSL deep-inspection.
Click the Exhibit button.
A FortiGate with the default configuration is deployed between two IP phones. FortiGate receives the INVITE request shown in the exhibit form Phone A (internal)to Phone B (external). Which two actions are taken by the FortiGate after the packet is received? (Choose two.)
A. A pinhole will be opened to accept traffic sent to FortiGate's WAN IP address and ports 49169 and 49170.
B. a pinhole will be opened to accept traffic sent to FortiGate's WAN IP address and ports 49l70 and 49171.
C. The phone A IP address will be translated lo the WAN IP address in all INVITE header fields and the m: field of the SDP statement.
D. The phone A IP address will be translated for the WAN IP address in all INVITE header fields and the SDP statement remains intact.
Exhibit
Click the Exhibit button.
The exhibit shows the configuration of a service protection profile (SPP) in a FortiDDoS device.
Which two statements are true about the traffic matching being inspected by this SPP? (Choose two.)
A. Traffic that does match any spp policy will not be inspection by this spp.
B. FortiDDos will not send a SYNACK if a SYN packet is coming from an IP address that is not the legtimate IP (LIP) address table.
C. FortiDooS will start dropping packets as soon as the traffic executed the configured maintain threshold.
D. SYN packets with payloads will be drooped.
You deploy a FortiGate device in a remote office based on the requirements shown below.
-- Due to company's security policy, management IP of your FortiGate is not allowed to access the Internet.
-- Apply Web Filtering, Antivirus, IPS and Application control to the protected subnet. -- Be managed by a
central FortiManager in the head office.
Which action will help to achieve the requirements?
A. Configure a default route and make sure that the FortiGate device can pmg to service fortiguard net.
B. Configure the FortiGuard override server and use the IP address of the FortiManager
C. Configure the FortiGuard override server and use the IP address of service, fortiguard net.
D. Configure FortiGate to use FortiGuard Filtering Port 8888.
Click the Exhibit button.
Referring to the exhibit, what will happen if FortiSandbox categorizes an e-mail attachment submitted by FortiMail as a high risk?
A. The high-risk file will be discarded by attachment analysis.
B. The high-risk tile will go to the system quarantine.
C. The high-risk file will be received by the recipient.
D. The high-risk file will be discarded by malware/virus outbreak protection.
Click the Exhibit button.
Referring to the exhibit, a FortiADC is load balancing IPv4 traffic between two next-hop routers. The FortiADC does not know the IP addresses of the servers. Also, the FortiADC is doing Layer 7 content inspection and modification.
In this scenario, which application delivery control is configured in the FortiADC?
A. Layer 2
B. Layer 3
C. Laye.4
D. Layer 7
You are building a FortiGala cluster which is stretched over two locations. The HA connections for the cluster are terminated on the data centers. Once the FortiGates have booted, they do form a cluster. The network operators inform you that CRC eoors are present on the switches where the FortiGAtes are connected.
What would you do to solve this problem?
A. Replace the caables where the CRC errors occur.
B. Change the ethertype for the HA packets.
C. Set the speedduplex setting to 1 Gbps /Full Duplex.
D. Place the HA interfaces in dedicated VLANs.
You are asked to implement a single FortiGate 5000 chassis using Session-aware Load Balance Cluster (SLBC) with Active ?Passive FortinControllers. Both FortiControllers have the configuration shown below, with the rest of the configuration set to the default values:
onfig system ha
set mode dual
set password fortinetnse8
set group-id 5
set chassis-id 1
set minimize-chassis-failover enable
set hbdev "b1"
end
Both FortiControllers show Master status. What is the problem in this scenario?
A. The management interface of both FotiControllers was connected on the some network.
B. The priority should be set higher for ForControllers on slot-1.
C. The b1 interface the two FortiConrollers do not see each other.
D. The chassis ID settings on FotiControllers on slot 2 should be set to 2.
Click the Exhibit button.
Only users authenticated in FortiGate-B can reach the server. A customer wants to deploy a single sign-on solution for IPsec VPN users. Once a user is connected and authenticated to the VPN in FortiGate-A, the user does not need to authenticate again in FortiGate 瑽 to reach the server.
Which two actions satisfy this requirement? (Choose two.)
A. Use Kerberos authentication.
B. FortiGate-A must generate a RADUIS accounting packets.
C. Use FortiAuthenticator.
D. Use the Collector Agent.
Exhibit
Click the Exhibit button. Referring to the exhibit, which two behaviors will the FortiClient endpoint have after receiving the profile update from the FortiClient EMS? (Choose two.)
A. Files executed from a mapped network drive will not be inspected by the FortiCltent endpoint Antivirus engine.
B. The user will not be able to access a Web downloaded file for at least 60 seconds when the FortiSandbox is reachable.
C. The user will not be able to access a Web downloaded file for a maximum of 60 seconds if it is not a virus and the FortiSandbox s reachable.
D. The user will not be able to access a Web downloaded file when the FortiSandbox is unreachable.
