An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings.
What is true about the DNS connection to a FortiGuard server?
An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings.
What is true about the DNS connection to a FortiGuard server?
When an administrator configures FortiGuard servers as DNS servers on FortiGate using default settings, the DNS connection to a FortiGuard server uses DNS over TLS (DoT). This is the default protocol to secure DNS traffic when using FortiGuard servers, ensuring that the connections are encrypted and secure.
FortiGate_Security_7.2_Study_Guide page 15
Study Guide Page 15 - By default, uses DNS over TLS DoT to secure DNS traffic - FortiOS uses Fortiguard server for DNS requests
FortiGate Security 7.2 Study Guide P.15 When using FortiGuard servers for DNS, FortiOS uses DNS over TLS (DoT) by default to secure the DNS traffic. New FortiGuard DNS servers have been added as primary and secondary servers.
B is correct
Apologize correct is D (DNS over TLS)
ref security 7.2, page 15, last paragraph.
Correct answer is D https://docs.fortinet.com/document/fortigate/7.0.0/new-features/92199/use-dns-over-tls-for-default-fortiguard-dns-servers-7-0-4
Answer is D: https://docs.fortinet.com/document/FortiProxy/7.2.0/administration-guide/710207/use-dns-over-tls-for-default-fortiguard-dns-servers
For DNS servers, select Use FortiGuard Servers. The Primary DNS server is 96.45.45.45, and the Secondary DNS server is 96.45.46.46. DNS Protocols is set to TLS and cannot be modified.
I’m going with answer D if this exam is focused on FortiOS 7.2.3 and lower. From 7.2.4 the default setting is set to DNS (UDP/53) and TLS (TCP/853) is optional.
When using FortiGuard servers for DNS, FortiOS defaults to using DNS over TLS (DoT) to secure the DNS traffic. So answer D is correct. It will be using not UDP port 53 but port 853.
D. It uses DNS over TLS. FortiGate Security 7.2 Study Guide (p.15): "When using FortiGuard servers for DNS, FortiOS uses DNS over TLS (DoT) by default to secure the DNS traffic." Reference and download study guide: https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html
When using fortiguard servers for DNS? FortiOS uses DNS over TLS by default to secure the DNS traffic. Answer D is correct. FortiGate_Security_7.2_Study_Guide page 15
DNS over TLS
B CORRECT. https://docs.fortinet.com/document/fortigate/7.0.0/new-features/92199/use-dns-over-tls-for-default-fortiguard-dns-servers-7-0-4 Debido a que los servidores DNS probablemente no admiten DES de bajo cifrado, los dispositivos de bajo cifrado no tienen la opción de seleccionar DoT o DoH. En su lugar, los dispositivos utilizan de forma predeterminada texto no cifrado (UDP/53).
B is correct According to FortiOS 7.2.0 Administration Guide: The following DNS protocols can be enabled: - cleartext: Enable clear text DNS over port 53 (default). - dot: Enable DNS over TLS. - doh: Enable DNS over HTTPS.
Correction: D is the right answer. 'When using FortiGuard servers for DNS, FortiOS defaults to using DNS over TLS (DoT) to secure the DNS traffic. New FortiGuard DNS servers are added as primary and secondary servers.'
I didn't find this reference on Admin Guide, but on FortiGate Security 7.2 Study Guide P.15 When using FortiGuard servers for DNS, FortiOS uses DNS over TLS (DoT) by default to secure the DNS traffic. New FortiGuard DNS servers have been added as primary and secondary servers. I've tested on lab and the result was the same of the Study Guide.
Correct answer: D
Correct answer: D
FortiGate_Security_7.2_Study_Guide page 15. "When using FortiGuard servers for DNS, FortiOS uses DNS over TLS by default to secure the DNS traffic."