Which two statements about bfd are true? (Choose two)
A. It can support neighbor only over the next hop in BGP
B. You can disable it at the protocol level
C. It works for OSPF and BGP
D. You must configure n globally only
Exhibit.
Refer to the exhibit, which shows information about an OSPF interlace
What two conclusions can you draw from this command output? (Choose two.)
A. The port3 network has more man one OSPF router
B. The OSPF routers are in the area ID of 0.0.0.1.
C. The interfaces of the OSPF routers match the MTU value that is configured as 1500.
D. NGFW-1 is the designated router
You want to configure faster failure detection for BGP
Which parameter should you enable on both connected FortiGate devices?
A. Ebgp-enforce-multihop
B. bfd
C. Distribute-list-in
D. Graceful-restart
Which two statements about IKE vision 2 are true? (Choose two.)
A. Phase 1 includes main mode
B. It supports the extensible authentication protocol (EAP)
C. It supports the XAuth protocol.
D. It exchanges a minimum of four messages to establish a secure tunnel
Which two statements about metadata variables are true? (Choose two.)
A. You create them on FortiGate
B. They apply only to non-firewall objects.
C. The metadata format is $
D. They can be used as variables in scripts
You created a VPN community using VPN Manager on FortiManager. You also added gateways to the VPN community. Now you are trying to create firewall policies to permit traffic over the tunnel however, the VPN interfaces do not appear as available options.
A. Create interface mappings for the IPsec VPN interfaces before you use them in a policy.
B. Refresh the device status using the Device Manager so that FortiGate populates the IPSec interfaces
C. Configure the phase 1 settings in the VPN community that you didnt initially configure. FortiGate automatically generates the interfaces after you configure the required settings
D. install the VPN community and gateway configuration on the fortiGate devices so that the VPN interfaces appear on the Policy Objects on fortiManager.
Refer to the exhibit, which contains a partial BGP combination.
You want to configure a loopback as the OGP source.
Which two parameters must you set in the BGP configuration? (Choose two)
A. ebgp-enforce-multihop
B. recursive-next-hop
C. ibgp-enfoce-multihop
D. update-source
Exhibit.
Refer to the exhibit, which contains a partial policy configuration.
Which setting must you configure to allow SSH?
A. Specify SSH in the Service field
B. Configure pot 22 in the Protocol Options field.
C. Include SSH in the Application field
D. Select an application control profile corresponding to SSH in the Security Profiles section
Refer to the exhibit, which shows an ADVPN network.
Which VPN phase 1 parameters must you configure on the hub for the ADVPN feature to function? (Choose two.)
A. set auto-discovery-forwarder enable
B. set add-route enable
C. set auto-discovery-receiver enable
D. set auto-discovery-sender enable
You contoured an address object on the tool fortiGate in a Security Fabric. This object is not synchronized with a downstream device. Which two reasons could be the cause? (Choose two)
A. The address object on the tool FortiGate has fabric-object set to disable
B. The root FortiGate has configuration-sync set to enable
C. The downstream TortiGate has fabric-object-unification set to local
D. The downstream FortiGate has configuration-sync set to local