Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command.
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a
decrease in the CPU usage?

1. A. The IPS engine was inspecting high volume of traffic.
2. B. The IPS engine was unable to prevent an intrusion attack .
3. C. The IPS engine was blocking all traffic.
4. D. The IPS engine will continue to run in a normal state.

Correct Answer: A
fortinet-fortigate-security-study-guide-for-fortios-72 page 417 If there are high-CPU use problems caused by the IPS, you can use the diagnose test application ipsmonitor command with option 5 to isolate where the problem might be. Option 5 enables IPS bypass mode. In this mode, the IPS engine is still running, but it is not inspecting traffic. If the CPU use decreases after that, it usually indicates that the volume of traffic being inspected is too high for that FortiGate model.

If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

1. A. The Services field prevents SNAT and DNAT from being combined in the same policy.
2. B. The Services field is used when you need to bundle several VIPs into VIP groups.
3. C. The Services field removes the requirement to create multiple VIPs for different services.
4. D. The Services field prevents multiple sources of traffic from using multiple services to connect to a single computer.

Correct Answer: C

Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?

1. A. Antivirus engine
2. B. Intrusion prevention system engine
3. C. Flow engine
4. D. Detection engine

Correct Answer: B
http://docs.fortinet.com/document/fortigate/6.0.0/handbook/240599/application-control

An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

1. A. VLAN interface
2. B. Software Switch interface
3. C. Aggregate interface
4. D. Redundant interface

Correct Answer: C
An aggregate interface is a logical interface that combines two or more physical interfaces into one virtual interface1. An aggregate interface can increase network bandwidth and provide redundancy by distributing traffic across multiple physical interfaces using a load balancing algorithm1. An aggregate interface can also support link aggregation control protocol (LACP) to negotiate the link aggregation settings with the connected device1.

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

1. A. The interface has been configured for one-arm sniffer.
2. B. The interface is a member of a virtual wire pair.
3. C. The operation mode is transparent.
4. D. The interface is a member of a zone.
5. E. Captive portal is enabled in the interface.

Correct Answer: ABC
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-whats-new-54/Top_VirtualWirePair.htm