01. Which of the following statements about FortiGate antivirus databases are true?
a) The extreme database is available only on certain FortiGate models.
b) The normal database is available on all FortiGate models.
c) The quick scan database is part of the normal database.
d) The extended database is available only if grayware scanning is enabled.
02. FortiGate has been configured for Firewall Authentication. When attempting to access an external website, the user is not presented with a login prompt. What is the most likely reason for this situation?
a) The user was authenticated using passive authentication.
b) No matching user account exists for this user.
c) The user is using a super admin account.
d) The user is using a guest account profile.
03. A firewall administrator wants to implement SD-WAN. The load-balancing algorithm must use one interface until the session volume reaches 80% threshold, at which point the algorithm should start using the next SD-WAN member interface.
Which one of the load-balancing algorithms will achieve this?
b) Source-destination IP
04. What methods can be used to deliver the token code to a user who is configured to use two-factor authentication?
a) SMS text message
b) Instant message app
c) Voicemail message
05. An administrator needs to inspect all web traffic (including Internet web traffic) coming from users connecting to the SSL-VPN. How can this be achieved?
a) Using web-only mode.
b) Assigning public IP addresses to SSL-VPN users.
c) Disabling split tunneling.
d) Configuring web bookmarks.
06. Which statement about traffic flow in an active-active HA cluster is true?
a) The SYN packet from the client always arrives at the primary device first.
b) The ACK from the client is received on the physical MAC address of the primary device.
c) The secondary device responds to the primary device with a SYN/ACK, then the primary device forwards the SYN/ACK to the client.
d) All FortiGate devices are assigned the same virtual MAC addresses for the HA heartbeat interfaces to redistribute to the sessions.
07. When does the FortiGate enter into fail-open session mode?
a) When CPU usage goes above the red threshold.
b) When a proxy (for proxy-based inspection) runs out of connections.
c) When memory usage goes above the red threshold.
d) When memory usage goes above the extreme threshold.
08. How can you configure the web proxy to block HTTP packets that request a specific HTTP method?
a) Apply a web filter profile to a proxy policy that blocks the HTTP method.
b) Create a firewall service that matches the HTTP method, and apply it to a proxy policy with the action DENY.
c) Create a DNS filter that matches the HTTP method, and apply it to a proxy policy with the action DENY.
d) Create a proxy address that matches the HTTP method, and apply it to a proxy policy with the action DENY.
09. An administrator configured antivirus in flow-based inspection mode on the FortiGate. While testing the configuration, the administrator noticed that eicar.com test files can be downloaded using HTTPS protocol only. What is causing this issue?
a) HTTPS protocol is not enabled under Inspected Protocols.
b) Full-content inspection for HTTPS is disabled.
c) Hardware acceleration is in use.
d) The test file is larger than the oversize limit.
10. Which statement about firewall policy NAT is true?
a) DNAT is not supported.
b) DNAT can automatically apply to multiple firewall policies, based on DNAT rules.
c) You must configure SNAT for each firewall policy.
d) SNAT can automatically apply to multiple firewall policies, based on SNAT rules.