Q: 10
Refer to the exhibit.
The exhibit shows output of the command diagnose sys adwan aervice4 collected on a FortiGate
device.
The administrator wants to know through which interface FortiGate will steer traffic from local users
on subnet 10.0.1.0/255.255.255.192 and with a destination of the social media application Facebook.
Based on the exhibits, which two statements are correct? (Choose two.)
The exhibit shows output of the command diagnose sys adwan aervice4 collected on a FortiGate
device.
The administrator wants to know through which interface FortiGate will steer traffic from local users
on subnet 10.0.1.0/255.255.255.192 and with a destination of the social media application Facebook.
Based on the exhibits, which two statements are correct? (Choose two.)Options
Discussion
C/D? Traffic for Facebook hits the app-based rule (service rule 4), so it'd use port2 since that's set as higher priority, I think. If the app's not detected, FortiGate falls back to implicit load balancing over all members. Not 100% sure-anyone spot something off in the exhibit?
B or C. Rule 3 stands out to me because if there's no Facebook service defined, it might just fall to the more general rule, but C's wording about the social media app makes sense too. Not positive, anyone think B makes more sense?
C and D for me. B looks tempting but FortiGate checks the app rule for Facebook first so that steers it via port2, and load balancing only applies if app detection fails. Anyone else see practice questions where B was right?
I think it's C and D here. Some people go for B but that's a trap, since traffic hits the app rule first (Facebook to port2), then default load balancing kicks in only if app isn't recognized. Seen a similar question on practice tests.
Be respectful. No spam.
