Question 3
Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)
For a stronger authentication, you can also enable extended authentication (XAuth) to request the remote peer to provide a username and password
FortiGate supports pre-shared key and signature as authentication methods.
Enabling XAuth results in a faster authentication because fewer packets are exchanged.
A certificate is not required on the remote peer when you set the signature as the authentication method.
Correct answer: BD
Explanation:
Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/913287/ipsec-vpn-authenticating-a-remote-fortigate-peer-with-a-pre-shared-key
Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/913287/ipsec-vpn-authenticating-a-remote-fortigate-peer-with-a-pre-shared-key