Exhibit.

Refer to the exhibit, which shows the output of get system ha status.
NGFW-1 and NGFW-2 have been up for a week.
Which two statements about the output are true? (Choose two.)
Refer to the exhibit.
The exhibit shows the output from using the command diagnose debug application samld -1 to diagnose a SAML connection.

Based on this output, what can you conclude?
Refer to the exhibit, which shows the partial output of command diagnose debug rating.

In this exhibit, which FDS server will the FortiGate algorithm choose?
Which two protocol states indicate that traffic is bidirectional? (Choose two.)
Refer to the exhibit.

The partial output of diagnose sys session stat command is shown.
Which statement about the output shown in the exhibit is correct?
Refer to the exhibit.

The exhibit shows the output of a session. Which two statements are correct? (Choose two.)
Refer to the exhibit.

The exhibit shows a session entry. Which statement about this TCP session is true?
Refer to the exhibits.

An OSPF peer is advertising route 172.16.52.0/24. The local FortiGate is configured with an inbound distribution list that allows the 172.16.0.0/16 network to be injected into its routing table. However, the 1 ' 2.16.52.0/24 subnet cannot be seen in the FIB.
Which two stops can the administrator of the local FortiGate take to ensure that the advertised 172.16. 52.0/24 subnet will be injected into the routing table? (Choose two.)
Refer to the exhibit.
The output of a BGO debug command is shown.

What is the most likely reason that the local FortiGate is not receiving any prefixes from its neighbors?
Refer to the exhibit, which shows the output of the command get router info bgp neighbors 100.64.2.254 advertised-routes.

What can you conclude from the output?
Exhibit.

Refer to the exhibit, which shows two entries that were generated in the FSSO collector agent logs.eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
What three conclusions can you draw from these log entries? {Choose three.)
Refer to the exhibit, which shows partial outputs from two routing debug commands.

Why is the port2 default route not in the second command output?

Which two observations can you make from the output? (Choose two.)
A VPN tunnel is up. To monitor traffic flow, the administrator enters the following CLI commands on an SSH session on FortiGate:
# diagnose debug enable
# diagnose sniffer packet any ' udp and port 500 ' 4
However, the sniffer does not show any output. Assuming default configuration values, what are two possible reasons there is no output? (Choose two answers)
Refer to the exhibit, which shows a truncated output of a real-time LDAP debug.

What two conclusions can you draw from the output? (Choose two.)
Which exchange lakes care of DoS protection in IKEv2?
Exhibit.

Refer to the exhibit, which shows a FortiGate configuration.
An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however the web filter is not inspecting any traffic that is passing through the policy.
What must the administrator do to fix the issue?
Consider the scenario where the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate. Which two actions will FortiGate take when using the default settings for SSL certificate inspection? (Choose two answers)
Refer to the exhibit.

The output of diagnose sys session list command is shown.
If the HA ID for the primary device is 9, what happens if the primary fails and the secondary becomes the primary?
Which Iwo actions does FortiGate take after an administrator enables the auxiliary session selling? (Choose two.)
Exhibit 1.

Exhibit 2.

Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.
An administrator would like to lest session failover between the two service provider connections.
Which two changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two.)
Refer to the exhibit.

If the default settings are m place, what can you conclude about the conserve mode shown in the exhibit?
Exhibit.

Refer to the exhibit, which shows a partial web fillet profile configuration.
Which action does FortiGate lake if a user attempts to access dropbox. com, which is categorized as File Sharing and Storage?
Refer to the exhibit, which shows a session entry.

Which statement about this session is true?
Which two statements about conserve mode are true? (Choose two.)
Refer to the exhibit, which shows the output of a debug command.

Which two statements about the output are true? (Choose two.)
Which two statements about an auxiliary session ate true? (Choose two.)
An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.
If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?
Refer to the exhibit.
Partial output of diagnose sys session stat command is shown.

An administrator has noticed unusual behavior from FortiGate. It appears that sessions are randomly removed. Which two reasons could explain this? (Choose two.)
Refer to the exhibit, which shows the partial output of FortiOS kernel slabs.

Which statement is true?
Refer to the exhibit, which shows the modified output of the routing kernel.

Which statement is true?
Refer to the exhibit.

Partial output of the get vpn ipsec tunnel details command is shown. Based on the output, which two statements are correct? (Choose two.)
Which three common FortiGate-to-collector-agent connectivity issues can you identify using the FSSO real-time debug? (Choose three.)
Consider the scenario where the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate.
Which action will FortiGate take when using the default settings for SSL certificate inspection?
Exhibit.

Refer to the exhibit, which shows the output of diagnose automation test.
What can you observe from the output? (Choose two.)
Refer to the exhibit.

The partial output of a session table entry is shown.
Which two statements about the output shown in the exhibit are correct? (Choose two.)
Refer to the exhibit.

An IPsec VPN tunnel using IKEv2 was brought up successfully, but when the tunnel rekey takes place the tunnel goes down.
The debug command for IKE was enabled and, in the exhibit, you can review the partial output of the debug IKE while attempting to bring the tunnel up.
What is causing. The tunnel to be down?
Refer to the exhibit.

The output of the get router info bgp summary command is shown.
Which statement regarding adjacencies between the local router and its neighbors is correct?
Refer to the exhibit, which shows the output of diagnose sys session stat.

Which statement about the output shown in the exhibit is correct?
In which two slates is a given session categorized as ephemeral? (Choose two.)