A. The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
B. A peer ID is included in the first packet from the initiator, along with suggested security policies.
C. XAuth is enabled as an additional level of authentication, which requires a username and password.
D. A total of six packets are exchanged between an initiator and a responder instead of three packets.
A. The traffic shaper drops packets if the bandwidth is less than 2500 KBps.
B. The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.
C. The measured bandwidth is less than 100 KBps.
D. The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.
A. Priority
B. Interface member
C. Gateway IP
D. Cost
A. diagnose vpn tunnel list
B. get ipsec tunnel list
C. get router info routing-table all
D. diagnose debug application ike
A. You must configure AS path prepending.
B. You must use BGP to route traffic for both overlay and underlay links.
C. You must configure BGP communities.
D. IBGP is preferred over EBGP, because IBGP preserves next hop information.
A. diagnose sys sdwan interface
B. diagnose sys sdwan service
C. diagnose sys sdwan zone
D. diagnose sys sdwan member
A. You must use IKEv2 on IPsec tunnels.
B. Routes for ADVPN shortcuts must be manually configured.
C. SD-WAN can steer traffic to ADVPN shortcuts, established over IPsec overlays, configured as SD-WAN members.
D. SD-WAN does not monitor the health and performance of ADVPN shortcuts.
A. FortiGate performs routing lookups for new sessions only, after a route change.
B. FortiGate does not change the routing information on existing sessions that use a valid gateway, after a route change.
C. FortiGate always blocks all traffic, after a route change.
D. FortiGate flushes all routing information from the session table, after a route change.
