View the exhibit.

Which of the following statements are correct? (Choose two.)
Answer : C, D
https://docs.fortinet.com/document/fortigate/6.2.4/cookbook/632796/ospf-with-ipsec-vpn-for-network-redundancy
Which two statements describe how the RPF check is used? (Choose two.)
Answer : A, C
FortiGate Infrastructure 7.2 Study Guide (p.41): 'The RPF check is a mechanism that protects FortiGate and your network from IP spoofing attacks by checking for a return path to the source in the routing table.' 'FortiGate performs an RPF check only on the first packet of a new session. That is, after the first packet passes the RPF check and FortiGate accepts the session, FortiGate doesn't perform any additional RPF checks on that session.'
A) The RPF check is a mechanism that protects FortiGate and the network from IP spoofing attacks.
This is true because the RPF check verifies that the source IP address of an incoming packet matches the reverse route for that address, meaning that the packet came from a legitimate source and not from an attacker who is trying to impersonate another host.This prevents IP spoofing attacks, where an attacker sends packets with a forged source IP address to bypass security policies or launch denial-of-service attacks1
C) The RPF check is run on the first sent packet of any new session.
This is true because the RPF check is performed only once per session, on the first packet sent by either the client or the server, depending on the direction of the session initiation.This reduces the processing overhead and improves performance2
Which certificate value can FortiGate use to determine the relationship between the issuer and the certificate?
Answer : A
An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?
Answer : D
Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)
Answer : A, C
Which two statements are correct about a software switch on FortiGate? (Choose two.)
Answer : A, C
An administrator wants to simplify remote access without asking users to provide user credentials.
Which access control method provides this solution?
Answer : B
FortiGate Infrastructure 7.2 Study Guide (p.165): 'ZTNA access proxy allows users to securely access resources through an SSL-encrypted access proxy. This simplifies remote access by eliminating the use of VPNs.'
This is true because ZTNA access proxy is a feature that allows remote users to access internal applications without requiring VPN or user credentials. ZTNA access proxy uses a secure tunnel between the user's device and the FortiGate, and authenticates the user based on device identity and context. The user only needs to install a lightweight agent on their device, and the FortiGate will automatically assign them to the appropriate application group based on their device profile.This simplifies remote access and enhances security by reducing the attack surface12