Fortinet FCSS_NST_SE-7.4 Practice Test - Questions Answers, Page 2

Consider the scenario where the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate.

Which action will FortiGate take when using the default settings for SSL certificate inspection?

Exhibit.

Refer to the exhibit, which contains partial output from an IKE real-time debug.

Which two statements about this debug output are correct? (Choose two)

Exhibit.

Refer to the exhibit, which shows the output of a diagnose command.

What can you conclude about the debug output in this scenario?

Refer to the exhibit, which shows the output of a policy route table entry.

Which type of policy route does the output show?

Exhibit.

Refer to the exhibit, which shows a FortiGate configuration.

An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however the web filter is not inspecting any traffic that is passing through the policy.

What must the administrator do to fix the issue?

Which statement about IKEv2 is true?

Exhibit 1.

Exhibit 2.

Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.

An administrator would like to lest session failover between the two service provider connections.

Which two changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two)

Refer to the exhibit, which shows the output of a debug command.

Which two statements about the output are true? (Choose two)

Refer to the exhibit.

Which three pieces of information does the diagnose sys top command provide? (Choose three)