NEW QUESTION 1
Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)

• A. When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.
• B. When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate.
• C. When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.
• D. When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.

Answer: BD

Explanation:
CLI scripts can be run in three different ways:Device Database: By default, a script is executed on the device database. It is recommend you run the changes on the device database (default setting), as this allows you to check what configuration changes you will send to the managed device. Once scripts are run on the device database, you can install these changes to a managed device using the installation wizard.
Policy Package, ADOM database: If a script contains changes related to ADOM level objects and policies, you can change the default selection to run on Policy Package, ADOM database and can then be installed using the installation wizard.
Remote FortiGate directly (through CLI): A script can be executed directly on the device and you don’t need to install these changes using the installation wizard. As the changes are directly installed on the managed device, no option is provided to verify and check the configuration changes through FortiManager prior to executing it.

NEW QUESTION 2
View the exhibit, which contains a session entry, and then answer the question below.

Which statement is correct regarding this session?

• A. It is an ICMP session from 10.1.10.10 to 10.200.1.1.
• B. It is an ICMP session from 10.1.10.10 to 10.200.5.1.
• C. It is a TCP session in ESTABLISHED state from 10.1.10.10 to 10.200.5.1.
• D. It is a TCP session in CLOSE_WAIT state from 10.1.10.10 to 10.200.1.1.

Answer: B

NEW QUESTION 3
What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)

• A. Reduce the session time to live.
• B. Increase the TCP session timers.
• C. Increase the FortiGuard cache time to live.
• D. Reduce the maximum file size to inspect.

Answer: AD

NEW QUESTION 4
View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below.

Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?

• A. auto-discovery-sender
• B. auto-discovery-forwarder
• C. auto-discovery-shortcut
• D. auto-discovery-receiver

Answer: B

NEW QUESTION 5
The logs in a FSSO collector agent (CA) are showing the following error: failed to connect to registry: PIKA1026 (192.168.12.232)
What can be the reason for this error?

• A. The CA cannot resolve the name of the workstation.
• B. The FortiGate cannot resolve the name of the workstation.
• C. The remote registry service is not running in the workstation 192.168.12.232.
• D. The CA cannot reach the FortiGate with the IP address 192.168.12.232.

Answer: C

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD30548

NEW QUESTION 6
Which two statements about bulk configuration changes made using FortiManager CLI scripts are correct? (Choose two.)

• A. When run on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate device.
• B. When run on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.
• C. When run on the All FortiGate in ADOM, changes are automatically installed without the creation of a new revision history.
• D. When run on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate device.

Answer: AB

NEW QUESTION 7
View the following FortiGate configuration.

All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network:

If the priority on route ID 1 were changed from 5 to 20, what would happen to traffic matching that user’s session?

• A. The session would remain in the session table, and its traffic would still egress from port1.
• B. The session would remain in the session table, but its traffic would now egress from both port1 and port2.
• C. The session would remain in the session table, and its traffic would start to egress from port2.
• D. The session would be deleted, so the client would need to start a new session.

Answer: A

Explanation:
http://kb.fortinet.com/kb/documentLink.do?externalID=FD40943

NEW QUESTION 8
Which two statements about OCVPN are true? (Choose two.)

• A. Only root vdom supports OCVPN.
• B. OCVPN supports static and dynamic IPs in WAN interface.
• C. OCVPN offers only Hub-Spoke VPNs.
• D. FortiGate devices under different FortiCare accounts can be used to form OCVPN.

Answer: AB

NEW QUESTION 9
Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

• A. Group ID.
• B. Group name.
• C. Session pickup.
• D. Gratuitous ARPs.

Answer: A

Explanation:
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-high-availability-52/HA_failoverVMAC.htm

NEW QUESTION 10
Examine the output of the ‘diagnose sys session list expectation’ command shown in the exhibit; than answer the question below.

Which statement is true regarding the session in the exhibit?

• A. It was created by the FortiGate kernel to allow push updates from FotiGuard.
• B. It is for management traffic terminating at the FortiGate.
• C. It is for traffic originated from the FortiGate.
• D. It was created by a session helper or ALG.

Answer: D

NEW QUESTION 11
Examine the following routing table and BGP configuration; then answer the question below.

TheBGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?

• A. Enable the redistribution of connected routers into BGP.
• B. Enable the redistribution of static routers into BGP.
• C. Disable the setting network-import-check.
• D. Enable the setting ebgp-multipath.

Answer: C

NEW QUESTION 12
Refer to the exhibit, which contains partial outputs from two routing debug commands.

Why is the port2 default route not in the second command's output?

• A. It has a higher priority value than the default route using port1.
• B. It is disabled in the FortiGate configuration.
• C. It has a lower priority value than the default route using port1.
• D. It has a higher distance than the default route using port1.

Answer: D

NEW QUESTION 13
View the exhibit, which contains the output of a debug command, and then answer the question below.

What statement is correct about this FortiGate?

• A. It is currently in system conserve mode because of high CPU usage.
• B. It is currently in FD conserve mode.
• C. It is currently in kernel conserve mode because of high memory usage.
• D. It is currently in system conserve mode because of high memory usage.

Answer: D

NEW QUESTION 14
View the exhibit, which contains the partial output of an IKE real time debug, and then answer the question below.

The administrator does not have access to the remote gateway. Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1 negotiation error?

• A. Change phase 1 encryption to AESCBC and authentication to SHA128.
• B. Change phase 1 encryption to 3DES and authentication to CBC.
• C. Change phase 1 encryption to AES128 and authentication to SHA512.
• D. Change phase 1 encryption to 3DES and authentication to SHA256.

Answer: B

NEW QUESTION 15
Refer to the exhibit, which contains the debug output of diagnose dvm device list.

Which two statements about the output shown in the exhibit are correct? (Choose two.)

• A. ADOMs are disabled on the FortiManager
• B. The FortiGate configuration is in sync with latest running revision history.
• C. There are pending device-level changes yet to be installed on Local-FortiGate.
• D. The policy package has been modified for Local-FortiGate.

Answer: BC

NEW QUESTION 16
In which two states is a given session categorized as ephemeral? (Choose two.)

• A. A TCP session waiting to complete the three-way handshake.
• B. A TCP session waiting for FIN ACK.
• C. A UDP session with packets sent and received.
• D. A UDP session with only one packet received.

Answer: BC

NEW QUESTION 17
Refer to the exhibit, which shows the output of a debug command.

Which two statements about the output are true? (Choose two.)

• A. The local FortiGate OSPF router ID is 0.0.0.4.
• B. Port4 is connected to the OSPF backbone area.
• C. In the network connected to port4, two OSPF routers are down.
• D. The local FortiGate is the backup designated router.

Answer: AB

Explanation:
Area 0.0.0.0 is the backbone area.

NEW QUESTION 18
......