Network Application Diagnosis Quiz
20 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which command can be used to display statistics and configuration information about a feature or process in FortiGate?

  • diagnose (correct)
  • execute
  • restart
  • monitor
  • What triggers FortiGate's conserve mode?

  • CPU usage
  • Memory usage (correct)
  • Disk usage
  • Network traffic
  • What is the purpose of conserve mode in FortiGate?

  • To increase memory usage
  • To increase CPU usage
  • To improve network traffic
  • To protect against unresponsiveness due to low memory (correct)
  • What is the threshold at which FortiGate starts dropping new sessions?

    <p>95%</p> Signup and view all the answers

    What is the purpose of the CLI command 'diagnose sys top'?

    <p>To identify which process is using too much memory</p> Signup and view all the answers

    What increases memory use beyond simple firewall policies in FortiGate?

    <p>Antivirus</p> Signup and view all the answers

    How many conserve modes does FortiGate have?

    <p>One</p> Signup and view all the answers

    What happens when FortiGate's memory use goes below the set threshold?

    <p>FortiGate exits conserve mode</p> Signup and view all the answers

    What is the purpose of the Extreme threshold in FortiGate?

    <p>To start dropping new sessions</p> Signup and view all the answers

    What is the purpose of the Red threshold in FortiGate?

    <p>To enter conserve mode</p> Signup and view all the answers

    Which command can be used to change the default conserve mode threshold values?

    <p>config system global</p> Signup and view all the answers

    What happens if the GUI is unresponsive while FortiGate is in memory conserve mode?

    <p>The GUI logs become inaccessible</p> Signup and view all the answers

    Which setting is used to configure how sessions fail-open during conserve mode for proxy-based inspection?

    <p>av-failopen-session</p> Signup and view all the answers

    What does the av-failopen setting 'one-shot' do during conserve mode for proxy-based inspection?

    <p>Similar to pass, but you must manually change the av-failopen setting to restart inspection after FortiGate exits conserve mode</p> Signup and view all the answers

    Which engine handles all flow-based inspection while FortiGate is in conserve mode?

    <p>IPS engine</p> Signup and view all the answers

    What happens if IPS fail-open is enabled during conserve mode for flow-based inspection?

    <p>The IPS engine does not perform any scan, but allows new packets</p> Signup and view all the answers

    Which UTM profiles do not work with nTurbo when flow-based inspection is enabled on FortiGate?

    <p>Mixed UTM profiles using proxy-based inspection</p> Signup and view all the answers

    What is the default setting for av-failopen-session during conserve mode for proxy-based inspection?

    <p>Disabled</p> Signup and view all the answers

    Which command is used to configure IPS fail-open setting during conserve mode for flow-based inspection?

    <p>config ips global</p> Signup and view all the answers

    What does the setting av-failopen-session do during conserve mode for proxy-based inspection?

    <p>Applies the action configured in av-failopen</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Browser