A FortiGate has two default routes: All Internet traffic is currently using port1. The exhibit shows partial information for one sample session of Internet traffic from an internal user:

What would happen with the traffic matching the above session if the priority on the first default route (IDd1) were changed from 5 to 20?

A. Session would remain in the session table and its traffic would keep using port1 as the outgoing interface.

B. Session would remain in the session table and its traffic would start using port2 as the outgoing interface.

C. Session would be deleted, so the client would need to start a new session.

D. Session would remain in the session table and its traffic would be shared between port1 and port2.

View the central management configuration shown in the exhibit, and then answer the question below.

Which server will FortiGate choose for antivirus and IPS updates if 10.0.1.243 is experiencing an outage?

A. 10.0.1.240

B. One of the public FortiGuard distribution servers

C. 10.0.1.244

D. 10.0.1.242

View the exhibit, which contains the output of a debug command, and then answer the question below.

What statement is correct about this FortiGate?

A. It is currently in system conserve mode because of high CPU usage.

B. It is currently in FD conserve mode.

C. It is currently in kernel conserve mode because of high memory usage.

D. It is currently in system conserve mode because of high memory usage.

Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)

A. Preview pending configuration changes for managed devices.

B. Add devices to FortiManager.

C. Import policy packages from managed devices.

D. Install configuration changes to managed devices.

E. Import interface mappings from managed devices.

An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?

A. diagnose sniffer packet any `udp port 500'

B. diagnose sniffer packet any `udp port 4500'

C. diagnose sniffer packet any `esp'

D. diagnose sniffer packet any `udp port 500 or udp port 4500'

View the exhibit, which contains the output of a real-time debug, and then answer the question below.

Which of the following statements is true regarding this output? (Choose two.)

A. This web request was inspected using the root web filter profile.

B. FortiGate found the requested URL in its local cache.

C. The requested URL belongs to category ID 52.

D. The web request was allowed by FortiGate.

What is the purpose of an internal segmentation firewall (ISFW)?

A. It inspects incoming traffic to protect services in the corporate DMZ.

B. It is the first line of defense at the network perimeter.

C. It splits the network into multiple security segments to minimize the impact of breaches.

D. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.

View the exhibit, which contains a partial web filter profile configuration, and then answer the question

below.

Which action will FortiGate take if a user attempts to access www.dropbox.com, which is categorized as

File Sharing and Storage?

A. FortiGate will exempt the connection based on the Web Content Filter configuration.

B. FortiGate will block the connection based on the URL Filter configuration.

C. FortiGate will allow the connection based on the FortiGuard category based filter configuration.

D. FortiGate will block the connection as an invalid URL.

When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filter web requests when the client browser does not provide the server name indication (SNI) extension?

A. FortiGate uses the requested URL from the user's web browser.

B. FortiGate uses the CN information from the Subject field in the server certificate.

C. FortiGate blocks the request without any further inspection.

D. FortiGate switches to the full SSL inspection method to decrypt the data.

Refer to the exhibit, which contains the output of get system ha status. Which two statements about the output are true? (Choose two.)

A. The slave configuration is synchronized with the master.

B. port7 is used as the HA heartbeat on all devices in the cluster.

C. Master is selected based on the priority configured under config system ha.

D. The HA management IP is 169.254.0.2.