Refer to the exhibits. The exhibits show the application sensor configuration and the Excessive-Bandwidth and Apple filter details. Based on the configuration, what will happen to Apple FaceTime if there are only a few calls originating or incoming?
A.
Apple FaceTime will be allowed, based on the Video/Audio category configuration.
B.
Apple FaceTime will be allowed, based on the Apple filter configuration.
C.
Apple FaceTime will be allowed only if the Apple filter in Application and Filter Overrides is set to Allow.
D.
Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration.
Correct Answer:
D. Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration.
A. Incorrect: Video/Audio category is set to "Block," so FaceTime would not be allowed.
B. Incorrect: The Apple filter set to "Monitor" does not override the higher-priority "Excessive-Bandwidth" block.
C. Incorrect: Even if Apple filter were "Allow," the "Excessive-Bandwidth" block still takes precedence.
D. Correct: FaceTime is categorized under "Excessive-Bandwidth," and this override has the highest priority, explicitly blocking it.
Conclusion: FaceTime is blocked because the "Excessive-Bandwidth" filter takes priority.
Based on the application control filters order, (app overrides - filter overrides - categories), when you set face time to allow, FortiGate continue to the next AC Filter, where "Excesive bandwidth" is blocked
I guess is B 'cause FaceTime is going to be monitored If there is an excessive bandwith so FaceTime will be blocked. And also remember that said few incoming and outgoing calls would be made.
D. Just because it says that there are only a few calls, the filter override is a CATEGORY of EXCESSIVE BANDWIDTH. It matches. This question comes directly from page 259 of the study guide.
With regards to the configuration above, Apple FaceTime would be allowed based on the application filter override configuration. It would only be blocked if the consumes bandwidth excessively which according to the question states that it is only a few calls originating or incoming.
Pagina 257
Scanning Order:
After the IPS engine examines the traffic stream for a signature match, FortiGate scans packets for matches,
in this order, for the application control profile:
1. Application and filter overrides: If you have configured any application overrides or filter overrides, the
application control profile considers those first. It looks for a matching override starting at the top of the
list, like firewall policies.
2. Categories: Finally, the application control profile applies the action that you’ve configured for applications
in your selected categories.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Knocks
Highly Voted 3 months agorigonet
Most Recent 1 day, 16 hours agosxcap
1 week, 4 days agosxcap
1 week, 4 days agorene.post
2 weeks, 6 days agox666
2 days, 11 hours agoCharly0710
3 weeks agos4mu3l007
1 month, 1 week agomiguelmagr
2 months, 2 weeks agomiguelmagr
2 months, 2 weeks agoBeatledrew
3 months agowsdeffwd
3 months agoBillyon
3 months, 1 week agoIBB90704
3 months, 1 week ago