Q61. - (Topic 19) 

For data leak prevention, which statement describes the difference between the block and 

quarantine actions? 

A. A block action prevents the transaction. A quarantine action blocks all future transactions, regardless of the protocol. 

B. A block action prevents the transaction. A quarantine action archives the data. 

C. A block action has a finite duration. A quarantine action must be removed by an administrator. 

D. A block action is used for known users. A quarantine action is used for unknown users. 

Answer:


Q62. - (Topic 9) 

Which statements are correct regarding URL filtering on a FortiGate unit? (Choose two.) 

A. The allowed actions for URL filtering include allow, block, monitor and exempt. 

B. The allowed actions for URL filtering are Allow and Block only. 

C. URL filters may be based on patterns using simple text, wildcards and regular expressions. 

D. URL filters are based on simple text only and require an exact match. 

Answer: A,C 


Q63. - (Topic 2) 

What logging options are supported on a FortiGate unit? (Choose two.) 

A. LDAP 

B. Syslog 

C. FortiAnalyzer 

D. SNMP 

Answer: B,C 


Q64. - (Topic 11) 

Examine the exhibit; then answer the question below. 

The Vancouver FortiGate initially had the following information in its routing table: S 172.20.0.0/16 [10/0] via 172.21.1.2, port2 

C 172.21.0.0/16 is directly connected, port2 C 172.11.11.0/24 is directly connected, port1 Afterwards, the following static route was added: config router static edit 6 set dst 172.20.1.0 255.255.255.0 set pririoty 0 set device port1 set gateway 172.11.12.1 next end Since this change, the new static route is NOT showing up in the routing table. Given the 

information provided, which of the following describes the cause of this problem? 

A. The subnet 172.20.1.0/24 is overlapped with the subnet of one static route that is already in the routing table (172.20.0.0/16), so, we need to enable allow-subnet-overlap first. 

B. The 'gateway' IP address is NOT in the same subnet as the IP address of port1. 

C. The priority is 0, which means that the route will remain inactive. 

D. The static route configuration is missing the distance setting. 

Answer:


Q65. - (Topic 20) 

Examine at the output below from the diagnose sys top command: # diagnose sys top 1 Run Time: 11 days, 3 hours and 29 minutes 0U, 0N, 1S, 99I; 971T, 528F, 160KF sshd 123 S 1.9 1.2 ipsengine 61 S < 0.0 5.2 miglogd 45 S 0.0 4.9 

pyfcgid 75 S 0.0 4.5 

pyfcgid 73 S 0.0 3.9 

Which statements are true regarding the output above? (Choose two.) 

A. The sshd process is the one consuming most CPU. 

B. The sshd process is using 123 pages of memory. 

C. The command diagnose sys kill miglogd will restart the miglogd process. 

D. All the processes listed are in sleeping state. 

Answer: A,D 


Q66. - (Topic 14) 

Which of the following statements are correct about the HA command diagnose sys ha reset-uptime? (Choose two.) 

A. The device this command is executed on is likely to switch from master to slave status if override is disabled. 

B. The device this command is executed on is likely to switch from master to slave status if override is enabled. 

C. This command has no impact on the HA algorithm. 

D. This command resets the uptime variable used in the HA algorithm so it may cause a 

new master to become elected. 

Answer: A,D