An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings. What is true about the DNS connection to a FortiGuard server?
Correct Answer:
D
FortiGate Security 7.2 Study Guide (p.15): "When using FortiGuard servers for DNS, FortiOS uses DNS over TLS (DoT) by default to secure the DNS traffic."
When using FortiGuard servers for DNS, FortiOS defaults to using DNS over TLS (DoT) to secure the DNS traffic1. DNS over TLS is a protocol that encrypts and authenticates DNS queries and responses using the Transport Layer Security (TLS) protocol2. This prevents eavesdropping, tampering, and spoofing of DNS data by third parties.
The default FortiGuard DNS servers are 96.45.45.45 and 96.45.46.46, and they use the hostname globalsdns.fortinet.net1. The FortiGate verifies the server hostname using the server-hostname setting in the system dns configuration1.
Which statement is correct regarding the security fabric?
Correct Answer:
B
FortiGate Security 7.2 Study Guide (p.428): "You must have a minimum of two FortiGate devices at the core of the Security Fabric, plus one FortiAnalyzer or cloud logging solution. FortiAnalyzer Cloud or FortiGate Cloud can act as the cloud logging solution. The FortiGate devices must be running in NAT mode."
Refer to the exhibit, which contains a session diagnostic output.
Which statement is true about the session diagnostic output?
Correct Answer:
C
https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042
On FortiGate, which type of logs record information about traffic directly to and from the FortiGate management IP addresses?
Correct Answer:
C
To complete the final step of a Security Fabric configuration, an administrator must authorize all the devices on which device?
Correct Answer:
B
