Which two statements about IKEv2 are true if an administrator decides to implement IKEv2 in the VPN topology? (Choose two.)

• A.It includes stronger Diffie-Hellman (DH) groups, such as Elliptic Curve (ECP) groups.
• B.It supports interoperability with devices using IKEv1.
• C.It exchanges a minimum of two messages to establish a secure tunnel.
• D.It supports the extensible authentication protocol (EAP).

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit, which shows the ADVPN network topology and partial BGP configuration.


Which two parameters must an administrator configure in the config neighbor range for spokes shown in the exhibit? (Choose two.)

• A.set max-neighbor-num 2
• B.set neighbor-group advpn
• C.set route-reflector-client enable
• D.set prefix 172.16.1.0 255.255.255.0

Comment: *

Name: *

Email: *

Verification: *

Examine the partial output from two web filter debug commands; then answer the question below:

Based on the above outputs, which is the FortiGuard web filter category for the web site www.fgt99.com?

• A.Information technology.
• B.Business.
• C.Finance and banking
• D.General organization.

Comment: *

Name: *

Email: *

Verification: *

What is the initial step performed by FortiGate when handling the first packets of a session?

• A.Installation of the session key in the network processor (NP)
• B.Data encryption and decryption
• C.Security inspections such as ACL, HPE, and IP integrity header checking
• D.Offloading the packets directly to the content processor (CP)

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit, which shows an ADVPN network.

The client behind Spoke-1 generates traffic to the device located behind Spoke-2. What is the first message that the hub sends to Spoke-1 to bring up the dynamic tunnel?

• A.Shortcut query
• B.Shortcut offer
• C.Shortcut reply
• D.Shortcut forward

Comment: *

Name: *

Email: *

Verification: *