首页  /  试题详情

多选题

Refer to the exhibit.

Routing table -

dc28d12c9a722cc31441cd2866796b52.png

The routing table information is shown.

Assuming a default configuration, which three statements about the RPF check on FortiGate are correct? (Choose

three.)

A、

User B: Fail. There is no route to 95.56.234.24 using wan2 in the routing table.

B、

User A: Pass. The default static route through wan1 passes the RPF check regardless of the source IP address.

C、

User C: Pass. FortiGate will forward all incoming packets from User C using the default static route.

D、

User C: Fail. There is no route to 10.0.4.63 using port1 in the routing table.

E、

User B: Pass. FortiGate will use asymmetric routing using wan1 to reply to traffic for 95.56.234.24.

查看答案
下载APP答题
由4l***pv提供 分享 举报 纠错
相关题库推荐
新建题库04200623
2026-04-25
共70道

相关试题

单选题 During the SAML negotiation process, in which section does the identity Provider (IdP) provide the SAML attributes utilized in the authentication process to the service provider (SP)?

A、

Assertion dump

B、

Bindings HTTP post

C、

Authentication request

D、

Authentication response

单选题 Refer to the exhibit.

0481e321212ffec246e75452af562bf1.png

An administrator has configured a firewall policy to use proxy-based inspection mode.

What could explain the messages observed in the debug flow output?

A、

The FTP protocol has not yet been mapped to port 211 under Protocol Options.

B、

FortiGate does not have enough free memory to perform proxy-based inspections.

C、

At least one protocol port under Protocol Options has been mapped to Any.

D、

SSL deep inspection is not configured.

单选题 Refer to the exhibit.

Partial output of FortiOS kernel slabs

2dc5ce1bdda318f3fd11f89c118e6e21.png

The partial output of FortiOS kernel slabs is shown.

Which statement about total slab size is true?

A、

The total slab size of the ip6_session slab is 1472 kB and is associated with the kernel.

B、

The total slab size of the ip_session slab is 14080 kB and is associated with the user space.

C、

The total slab size of the UDPv6 slab is 14080 kB and is associated with the user space.

D、

The total slab size of the tcp_session slab is 7500 kB and is associated with the kernel.

单选题 Refer to the exhibit.

Debug output -

96157a1cd61afd976389bfc8699e20f0.png

The output of the command diagnose vpn tunnel list is shown.

Reviewing the debug command, what is the current status of the traffic flowing through the tunnel?

A、

NP6 is handling the offloading.

B、

The inbound IPsec SA was copied to the NPU.

C、

The outbound IPsec SA was copied to the NPU

D、

The inbound and outbound IPsec SAs were copied to the NPU.

单选题 Refer to the exhibit.

The output of the get router info bgp summary command is shown.

b3fa7951ee61851e525debff849c3feb.png

Which statement regarding adjacencies between the local router and its neighbors is correct?

A、

The local router and neighbor 100.64.2.254 are unable to establish adjacency because AS 100 is already used by neighbor 100.64.1.254.

B、

The local router and neighbor 100.64.2.254 are unable to establish adjacency until the adjacency with neighbor 100.64.1.254 ceases.

C、

The local router and neighbor 100.64.2.254 are unable to establish adjacency because the TCP session could not be established.

D、

The local router and neighbor 100.64.1.254 established adjacency because the priority of 100.64.1.254 is higher than that of 100.64.2.254.

单选题 Refer to the exhibit.

The partial output of diagnose sys session stat command is shown.

bfa4401542c831d7241335d5cbd522bb.png

Which statement about the output shown in the exhibit is correct?

A、

27 sessions have expired but are still in the session table in case any out-of-order packets arrive.

B、

562 TCP sessions have their proto_state set to 01 if there is no inspection.

C、

There have been 131072 recorded ephemeral sessions but there are no current ones.

D、

113 sessions have been dropped because of memory page exhaustion.

单选题 Refer to the exhibits.

Network topology -

3bad8099f821e79f9e47ea77975f694c.png

OSPF database -

4f42c53a3fab8f5c31cfaf80ed2e68f5.png

FGT-1 is an area border router (ABR) that has interfaces in OSPF areas 0.0.0.0 and 0.0.0.5. FGT-3 acts as an

autonomous system border router (ASBR), importing static routes into OSPF. FGT-2 is an internal router with all its

interfaces belonging to area 0.0.0.5. FGT-1 is receiving all advertised routes from FGT-2, however, FGT-3 is not

receiving any of the advertised routes from FGT-1.

What is the most likely reason for this?

A、

Area 0.0.0.5 is configured not to propagate type 5 LSAs.

B、

FGT-2 is configured with a distribution list to block all advertised routes from FGT-3.

C、

FGT-3 and FGT-2 have not formed an OSPF adjacency yet.

D、

IP protocol 89 is blocked between FGT-1 and FGT-3.

单选题 Refer to the exhibit.

The output of a BGP debug command is shown.

f4dc2c839b7ba99c82a1430879f3d6a4.png

Why has the local router at 172.16.23.58 been unable to establish adjacency with its only neighbor?

A、

The local router has not received an OPEN message from the neighbor.

B、

There is no active route to the BGP neighbor.

C、

The neighbor router has become unreachable, which is evident by the low ratio of messages received to messages sent.

D、

The local router has not received a SYN/ACK packet from the neighbor