A. Source IP

B. Spillover

C. Volume

D. Session

A. 172.16.0.0/16 [50/0] via 10.4.200.2, port2 [5/0]

B. 0.0.0.0/0 [20/0] via 10.4.200.2, port2

C. 10.4.200.0/30 is directly connected, port2

D. 172.16.32.0/24 is directly connected, port1

A. Run a sniffer on the web server.

B. Capture the traffic using an external sniffer connected to port1.

C. Execute another sniffer in the FortiGate, this time with the filter “host 10.0.1.10”

D. Execute a debug flow.

A. Browsers can be configured to retrieve this PAC file from the FortiGate.

B. Any web request to the 172.25.120.0/24 subnet is allowed to bypass the proxy.

C. All requests not made to Fortinet.com or the 172.25.120.0/24 subnet, have to go through altproxy.corp.com: 8060.

D. Any web request fortinet.com is allowed to bypass the proxy.

A. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.

B. The two VLAN sub interfaces must have different VLAN IDs.

C. The two VLAN sub interfaces can have the same VLAN ID, only if they belong to different VDOMs

D. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.

A. This setup requires at least two firewall policies with the action set to IPsec.

B. Dead peer detection must be disabled to support this type of IPsec setup.

C. The Tunnel B route is the primary route for reaching the remote site. The Tunnel A route is used only if the Tunnel B VPN is down

D. This is a redundant IPsec setup.

A. To remove the NAT operation.

B. To generate logs

C. To finish any inspection operations

D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.