Examine the following partial outputs from two routing debug commands; then answer the question below. # get router info kernel tab=254 vf=0 scope=0type=1 proto=11 prio=0 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.1.254 dev=2(port1) tab=254 vf=0 scope=0type=1 proto=11 prio=10 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.2.254 dev=3(port2) tab=254 vf=0 scope=253type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/.->10.0.1.0/24 pref=10.0.1.254 gwy=0.0.0.0 dev=4(port3) # get router info routing-table all s

A corporate network allows Internet Access to FSSO users only. The FSSO user student does not have Internet access after successfully logged into the Windows AD network. The output of the ‘diagnose debug authd fsso list’ command does not show student as an active FSSO user. Other FSSO users can access the Internet without problems. What should the administrator check? (Choose two.)

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this prob

The CLI command set intelligent-mode controls the IPS engine’s adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?

Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

View the IPS exit log, and then answer the question below. # diagnose test application ipsmonitor 3 ipsengine exit log” pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017 code = 11, reason: manual What is the status of IPS on this FortiGate?

View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. Which statements about this debug output are correct? (Choose two.)

Which statement about NGFW policy-based application filtering is true?

View the exhibit, which contains the output of a BGP debug command, and then answer the question below. Which of the following statements about the exhibit are true? (Choose two.)

Refer to the exhibit, which shows a session entry. Which statement about this session is true?

Which two statements about FortiManager is true when it is deployed as a local FDS? (Choose two.)

Examine the following partial outputs from two routing debug commands; then answer the question below: Why the default route using port2 is not displayed in the output of the second command?

What is the purpose of an internal segmentation firewall (ISFW)?

Refer to the exhibit, which contains the output of a BGP debug command. Which statement about the exhibit is true?

View the exhibit, which contains the output of a web diagnose command, and then answer the question below. Which one of the following statements explains why the cache statistics are all zeros?