there are 3 rules related to port3 and two rules source LOCAL_CLIENT this would leave us with Rule 1 & 5 Rule one Service is = ULL_UDP Rule five = Internet Services Destination port we are looking for is 443 (usually this is TCP) So it had to be PID5

We are looking for a policy that will allow or deny traffic from the source interface Port3 and source IP address 10.1.1.10 (LOCAL_CLIENT) to facebook.com TCP port 443 (HTTPS). There are only two policies that will match this traffic, policy ID 2 and 5. In FortiGate, firewall policies are evaluated from top to bottom. This means that the first policy that matches the traffic is applied, and subsequent policies are not evaluated. Based on the Policy Lookup criteria, Policy ID 5 will be highlighted.

Awnser is B - policy with ID 5 It cannot be policy ID 4 because it uses port 4, and the lookup specifies port 3 It cannot be policy ID 3 either because it uses ALL_UDP instead of TCP 443 which is used for internet services

It's B, of course.

The correct one is B

B. As explanied by Slash_JM

The answer is definitely "B"

Resposta: B

La correcta es la B

Got 8 new questions will post them tomorrow evening did exam yesterday fortinet is changing the exams like cisco now

Correct

B. Policy with ID 5.

I configured this up on a 60D and it matched ID5. BTW, there is no service called ULL_UDP, obviously a typo, should be ALL_UDP, which excludes them immediately

A resposta certa é a letra B.

B for sure

B. POLICY ID 5 for sure.

Unica Politica que sai da Porta 3 com destino ao facebook é a opção 3 e 5 Mas a opção 3 Não tem https