Refer to the exhibit.A VPN IPsec is connecting the headquarters office (HQ) with a branch office (BO). OSPF is used to redistribute routes between the offices. After deployment, a server with IP address 10.10.10.35 located on the DMZ network of the BO FortiGate, was reported unreachable from hosts located on the LAN network of the sameFortiGate.Referring to the exhibit, which statement is true?
A customer has a SCADA environmental control device that is triggering a false-positive IPS alert whenever the Web GUI of the device is accessed. You cannot create a functional custom IPS filter to exempt this behavior, and it appears that the device is so old that it does not have HTTPS support. You need to prevent the false positive IPS alerts from occurring.In this scenario, which two actions will accomplish this task? (Choose two.)
Refer to the exhibit.The FortiAP profile used by the FortiGate managed AP is shown in the exhibit.Which two statements in this scenario are correct? (Choose two.)
Refer to the exhibit.The exhibit shows a topology where a FortiGate is split into two VDOMs, root and vd-lan. The root VDOM provides external SSL-VPN access, where the users are authenticated by a FortiAuthenticator. The vd-lan VDOM provides internal access to a Web server.For the remote users to access the internal Web server, there are a few requirements as follows:"¢ All traffic must come from the SSL-VPN."¢ The vd-lan VDOM only allows authenticated traffic to the Web server."¢ Users must only authenticate once, using the SSL-VPN portal."¢ SSL-VPN uses RADIUS-based authentication.Given these requirements and the topology shown in the exhibit, which two statements are true? (Choose two.)
A customer wants to use a central RADIUS server for management authentication when connecting to the FortiGate GUI and to provide different levels of access for different types of employees.Which three actions are required to provide the requested functionality? (Choose three.)
Refer to the exhibit.You need to apply the security features listed below to the network shown in the exhibit."¢ High grade DDoS protection"¢ Web security and load balancing for Server 1 and Server 2"¢ Solution must be PCI DSS compliant"¢ Enhanced security to DNS 1 and DNS 2What are three solutions for this scenario? (Choose three.)
