Refer to the exhibit. The exhibit shows FortiGate configuration and the output of the debug command. Based on the diagnostic output, how is the FortiGate handling the traffic for new sessions that require proxy based inspection?
A.
It is allowed, but with no inspection.
B.
It is allowed and inspected, as long as the only inspection required is antivirus.
C.
It is dropped.
D.
It is allowed and inspected, as long as the inspection is flow based.
Correct answer C
av-failopen pass (default): All new sessions pass without inspection
but the 3 memory thresholds : red, extreme and green are set with the values:
green: 82%
red: 88%
extreme: 95%
these values serve as a reference for the “memory used” which in this case is 97% used. So…
Fortigate Infrastructure 6.2 Study Guide page 396 says:
However, if the “memory usage exceeds” the “extreme threshold”, new sessions “are always dropped”, regardless of the FortiGate configuration.
Answer is A. fail-open mode is pass. the default mode when allowing trafic is more important than security. the other mode are off and one-shot.
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/681934/conserve-mode
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
NETeng01
Highly Voted 4Â years, 3Â months agoSebaAr22
Highly Voted 4Â years, 3Â months agoscuadro
Most Recent 4Â years, 2Â months agopollyy
4Â years, 2Â months agoGeorgio
4Â years, 3Â months agovariaj8
4Â years, 4Â months agovariaj8
4Â years, 4Â months ago