Fortinet FCP_FGT_AD-7.4 Practice Test - Questions Answers, Page 8

A network administrator enabled antivirus and selected an SSL inspection profile on a firewall policy.

When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the and does not block the file allowing it to be downloaded.

The administrator confirms that the traffic matches the configured firewall policy.

What are two reasons for the failed virus detection by FortiGate? (Choose two.)

Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command shown in the exhibit.

If option 5 is used with the IPS diagnostic command and the outcome is a decrease in the CPU usage, what is the correct conclusion?

How can you disable RPF checking?

An administrator is configuring an IPsec VPN between site A and site . The Remote Gateway setting in both sites has been configured as Static IP Address.

For site A, the local quick mode selector is 192.168.1.0/24 and the remote quick mode selector is 192.168.2.0/24.

Which subnet must the administrator configure for the local quick mode selector for site B?

FortiGate is operating in NAT mode and has two physical interfaces connected to the LAN and DMZ networks respectively.

Which two statements are true about the requirements of connected physical interfaces on FortiGate? (Choose two.)

Which two pieces of information are synchronized between FortiGate HA members? (Choose two.)

Refer to the exhibit.

Based on the routing database shown in the exhibit which two conclusions can you make about the routes? (Choose two.)

What are two features of FortiGate FSSO agentless polling mode? (Choose two.)

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?