01. You have received an issue report about users not being able to use a video conferencing application. This application uses two UDP ports and two TCP ports to communicate with servers on the Internet. The network engineering team has confirmed there is no routing problem. You are given a copy of the FortiGate configuration.
Which three configuration objects will you inspect to ensure that no policy is blocking this traffic?
a) config firewall interface-policy
b) config firewall DoS-policy
c) config firewall policy
d) config firewall multicast-policy
e) config firewall sniffer-policy
02. Which Fortinet product is used for antispam protection?
03. A FortiGate is deployed in the NAT/Route operation mode. This operation mode operates at which OSI layer?
a) Layer 4
b) Layer 1
c) Layer 3
d) Layer 2
04. Your FortiGate has multiple CPUs. You want to verify the load for each CPU. Which two commands will accomplish this task?
a) get system performance status
b) diag system mpstat
c) diag system cpu stat
d) diag system top
05. There is an interface-mode IPsec tunnel configured between FortiGate1 and FortiGate2. You want to run OSPF over the IPsec tunnel. On both FortiGates. the IPsec tunnel is based on physical interface port1. Port1 has the default MTU setting on both FortiGate units.
Which statement is true about this scenario?
a) A multicast firewall policy must be added on FortiGate1 and FortiGate2 to allow protocol 89.
b) The MTU must be set manually in the OSPF interface configuration.
c) The MTU must be set manually on the IPsec interface.
d) An IP address must be assigned to the IPsec interface on FortiGate1 and FortiGate2.
06. You are asked to write a FortiAnalyzer report that lists the session that has consumed the most bandwidth. You are required to include the source IP, destination IP, application, application category, hostname, and total bandwidth consumed.
Which dataset meets these requirements?
a) select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce (‘recbyte “, 0)) as bandwidth from $log where $filter LIMIT 1
b) select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce (‘recbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
c) select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce (‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
d) select from_itime(itime) as timestamp, sourceip, destip, app, appcat, hostname, sum(coalesce(‘sentbyte’, 0)+coalesce (‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
07. Regarding tunnel-mode SSL VPN, which three statements are correct?
a) Split tunneling is supported.
b) It requires the installation of a VPN client.
c) It requires the use of an Internet browser.
d) It does not support traffic from third-party network applications.
e) An SSL VPN IP address is dynamically assigned to the client by the FortiGate unit.
08. Virtual Domains (VDOMs) allow a FortiGate administrator to do what?
a) Group two or more FortiGate units to form a single virtual device.
b) Split a physical FortiGate unit into multiple virtual devices.
c) Create multiple VLANs in a single physical interface,
d) Group multiple physical interfaces to form a single virtual interface.
09. Which VPN protocol is supported by FortiGate units?
10. You are managing a FortiAnalyzer appliance. After an upgrade, you notice that the unit no longer displays historical logs, reports do not produce any data, and FortiView summary views are empty.
However, you notice that the unit is receiving logs on the dashboard widgets. Which step resolves this problem?
a) Execute the CLI command exec sql-local rebuild-db.
b) Execute the CLI command diag sql remove hcache.
c) Execute the CLI command exec sql-local reinsert-logs.
d) Restore the unit settings from a previous backup.