What is the limitation of using a URL list and application control on the same firewall policy, in NGFW
policy-based mode?
C
If Internet Service is already selected as Destination in a firewall policy, which other configuration
objects can be selected to the Destination field of a firewall policy?
A User or User Group
B. IP address
C. No other object can be added
D. FQDN address
B
Explanation:
Reference:
https://docs.fortinet.com/document/fortigate/6.2.5/cookbook/179236/using-internet-
service-in-policy
In an explicit proxy setup, where is the authentication method and database configured?
D
Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is
enabled on all FortiGate devices?
A
Refer to the exhibit, which contains a radius server configuration.
An administrator added a configuration for a new RADIUS server. While configuring, the
administrator selected the Include in every user group option.
What will be the impact of using Include in every user group option in a RADIUS configuration?
A
Explanation:
Reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/634373/authentication-
servers
Which two statements are correct about a software switch on FortiGate? (Choose two.)
AC
Which two statements are true about collector agent advanced mode? (Choose two.)
BC
Explanation:
Reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/482937/agent-based-fsso
Exhibit:
Refer to the exhibit to view the authentication rule configuration In this scenario, which statement is
true?
C
Explanation:
Reference:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD45387
A team manager has decided that, while some members of the team need access to a particular
website, the majority of the team does not Which configuration option is the most effective way to
support this request?
D
Which feature in the Security Fabric takes one or more actions based on event triggers?
B
Explanation:
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/286973/fortinet-security-
fabric
An administrator has a requirement to keep an application session from timing out on port 80. What
two changes can the administrator make to resolve the issue without affecting any existing services
running through FortiGate? (Choose two.)
BC
In which two ways can RPF checking be disabled? (Choose two )
CD
Explanation:
Reference:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD33955
Refer to the exhibit to view the application control profile.
Based on the configuration, what will happen to Apple FaceTime?
A
Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the
physical layer nor the link layer? (Choose three.)
BCD
Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode?
(Choose two.)
AD
Explanation:
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/758820/split-task-vdom-
mode