Podcast Beta
Questions and Answers
Which tool is used to capture network traffic in FortiGate?
Which verbosity level is typically used to check the flow of traffic and dropped packets in the built-in sniffer tool?
Which level is usually used to convert the output of the built-in sniffer tool to Pcap format for analysis with WireShark?
What should you do if there were dropped packets during the sniffer capture?
Signup and view all the answers
Which command is used to enable the display of function names in the debug flow tool?
Signup and view all the answers
What does the debug flow tool show for each packet?
Signup and view all the answers
What information does the output of the debug flow tool provide for a TCP three-way handshake?
Signup and view all the answers
What does the message 'denied by forward policy check' indicate in the debug flow tool?
Signup and view all the answers
What does the message 'exceeded shaper limit, drop' indicate in the debug flow tool?
Signup and view all the answers
Which tool can be used to analyze the output of the built-in sniffer tool in Pcap format?
Signup and view all the answers
Which mode allows you to configure application signatures, categories, and groups directly on the firewall policy?
Signup and view all the answers
How many stages are there in NGFW policy mode session handling?
Signup and view all the answers
Which traffic types can the FortiGate kernel identify in the NGFW policy mode session handling?
Signup and view all the answers
What flag is set in the session table entry during Stage 2 of NGFW policy mode session handling?
Signup and view all the answers
Which inspection features are still configured as profiles in NGFW policy mode?
Signup and view all the answers
What information does the kernel use to search the NGFW policy table during Stage 1 of session handling?
Signup and view all the answers
What happens to the session table entry during Stage 2 of NGFW policy mode session handling?
Signup and view all the answers
What does the dirty flag indicate during NGFW policy mode session handling?
Signup and view all the answers
What does the FortiGate kernel do during Stage 3 of NGFW policy mode session handling?
Signup and view all the answers
What is the initial application ID assigned during Stage 1 of NGFW policy mode session handling?
Signup and view all the answers
Which debug flow error message indicates that a packet was dropped because of a traffic shaper that has exceeded one of its thresholds?
Signup and view all the answers
Which debug flow error message indicates that either no firewall policy allows the traffic, or that a disclaimer has not been accepted yet?
Signup and view all the answers
Which debug flow error message indicates that the IP-address has been quarantined by the DLP inspection?
Signup and view all the answers
Which debug flow error message indicates that the packet failed the reverse path forwarding check?
Signup and view all the answers
Which debug flow error message indicates that the packet is destined to a FortiGate IP-address (management traffic) but the service is not enabled, the service is using a different TCP port, the source IP-address is not included in the trusted host list, or the packet matches a local-in policy with action deny?
Signup and view all the answers
Which debug flow error message indicates that the packet is not destined to a FortiGate IP-address, but there is a virtual IP or IP pool configuration using the destination IP-address?
Signup and view all the answers
Which debug flow error message indicates that the packet is destined to a device on the other side of FortiGate, but a virtual IP or IP pool is wrongly using that IP-address?
Signup and view all the answers
Which debug flow error message indicates that the packet is destined to a FortiGate IP-address (for example, management traffic), but the service is not enabled, the service is using a different port, the source IP-address is not included in the trusted list, or the packet matches a local-in policy with the action deny?
Signup and view all the answers
Which debug flow error message indicates that the packet is destined to a FortiGate IP-address (for example, management traffic), but the service is not enabled, the service is using a different port, the source IP-address is not included in the trusted list, or the packet matches a local-in policy with the action deny?
Signup and view all the answers
Which debug flow error message indicates that the packet is not destined to a FortiGate IP-address, but there is a virtual IP or IP pool configuration using the destination IP-address?
Signup and view all the answers