View the exhibit, which contains the output of diagnose sys session list, and then answer the question below.

If the HA ID for the primary unit is zero (0), which one of the following statements about the output is true?

A. This session is for HA heartbeat traffic.

B. This session cannot be synced with the slave unit.

C. The master unit is processing this traffic.

D. The inspection of this session has been offloaded to the slave unit.

View the global IPS configuration, and then answer the question below.

Which of the following statements is true regarding this configuration? (Choose two.)

A. IPS will scan every byte in every session.

B. IPS acceleration is disabled in this FortiGate device's configuration.

C. New packets requiring IPS inspection will be passed through during conserve mode.

D. FortiGate will spawn IPS engine instances based on the system load.

When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filler web requests when the client browser does not provide the server name indication (SNI) extension ?

A. FortiGate switches to the full SSL inspection method to decrypt the data.

B. FortiGate blocks the request without any further inspection.

C. FortiGate uses the Issued T: field in the server's certificate.

D. FortiGate uses the requested URL from the user's web browser.

View the exhibit, which contains the output of a real-time debug, and then answer the question below.

Which of the following statements are true regarding this output (Choose two.)

A. This web request was inspected using the root web filter profile.

B. The requested URL belongs to category ID 52.

C. The web request was blocked by FortiGate.

D. FortiGate found the requested URL in its local cache.

View the exhibit, which contains the output of diagnose sys session stat, and then answer the question below.

Which of the following statements about the output shown are correct? (Choose two.)

A. There are 166 TCP sessions waiting to complete the three-way handshake.

B. All the sessions in the session table are TCP sessions.

C. There are 0 ephemeral sessions.

D. No sessions have been deleted because of memory pages exhaustion.

View the exhibit, which contains the output of a debug command, and then answer the question below.

Which of the following statements about the exhibit are true? (Choose two.)

A. Port4 is connected to the OSPF backbone area.

B. In the network connected to port4, two OSPF routers are down.

C. The local FortiGate is the backup designated router.

D. The local FortiGate's OSPF router ID is 0.0.0.4.

What configuration settings change the behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)

A. mem-failopen

B. ips-failopen

C. utm-failopen

D. av-failopen

What does the dirty flag mean in a FortiGate session?

A. The session must be removed from the former primary unit after an HA failover.

B. Traffic has been identified as from an application that is not allowed.

C. The next packet must be re-evaluated against the firewall policies.

D. Traffic has been blocked by the antivirus inspection.

View these partial outputs from two routing debug commands:

Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?

A. Both port1 and port2

B. port3

C. port2

D. port1

View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below.

Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?

A. auto-discovery-receiver

B. auto-discovery-forwarder

C. auto-discovery-sender

D. auto-discovery-shortcut