FCESP - Fortinet Certified Email Security Professional

Example Questions

When inspecting and delivering mail messages, which of the following steps could be taken by a FortiMail unit operating in Transparent mode?

Which of the following statements is true regarding Message Delivery Rules?

How can a FortiMail administrator view or search archived emails?

Which SMTP sessions are defined as outgoing?

When the DomainKeys Identified Mail (DKIM) feature is used, where is the public key stored?

Which of the following statements regarding User Quarantine Access is true?

Which of the following statements regarding SMTPs and SMTP over TLS are true?

Which of the following DNS records is commonly used to identify where to send mail for a particular domain name?

Which of the following is an advantage of using Banned Word scanning instead of Dictionary scanning?

Which of the following statements regarding Antivirus scanning is NOT correct?

Which back-end servers can be used to provide Recipient Verification?

What is the SMTP command used to initiate SMTP authentication?

According to the Message Header printed below, which antispam technique detected this email as spam:

    Return-Path: [email protected]
    (SquirrelMail authenticated user user1) by 172.16.78.8 with HTTP;
    X-FEAS-HASH: 6ef419f0a0608b1655xxxxe68080df3cb12fc38f1118d2f085985eeb000274d7
    Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
    Message-ID: <[email protected]>
    Date: Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
    Subject: [SPAM] Sales
    From: [email protected]
    To: [email protected]
    User-Agent: SquirrelMail/1.4.10a-1.fc6
    MIME-Version: 1.0
    Content-Type: text/plain;charset=iso-8859-1
    Content-Transfer-Encoding: 8bit
    X-Priority: 3 (Normal)
    Importance: Normal
    X-Original-To: [email protected]
    Delivered-To: [email protected]
    Received: from fm.sub.training1.lab (fm.sub.training1.lab [192.168.11.101]) by mail.training.lab (Postfix) with ESMTP id A9160187073 for <[email protected]>; Sun, 19 Apr 2009 16:58:48 +0200 (CEST)
    Received: from mail.external.lab ([172.16.78.8]) by fm.sub.training1.lab with ESMTP id n3LEPHWu001093 for <[email protected]>; Tue, 21 Apr 2009 10:25:17 -0400
    Received: from 172.16.78.8 (localhost [127.0.0.1]) by mail.external.lab (Postfix) with ESMTP id 247D9BF893 for <[email protected]>; Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
    Received: from 192.168.3.101

On a FortiMail unit, access control rules specify actions to be taken against matching email messages. Which of the following statements correctly describes the Bypass action?

Which of the following profile types on a FortiMail unit make use of the system quarantine to isolate email messages?

A System Administrator is concerned by the amount of disk space being used to store quarantine email messages for non-existent accounts. Which of the following techniques can be used on a FortiMail unit to PREVENT email messages from being quarantined for non-existent accounts?

When using Sender Reputation on a FortiMail unit, which of the following actions can be taken against a source IP address generating spam or invalid email messages?

Which operational modes support High Availability?

A System Administrator is concerned by the amount of system resources being used to store quarantine email messages for non-existent accounts. Which of the following techniques can be used on a FortiMail unit to free up system resources?

What is the outcome of the following CLI commands executed on a FortiMail unit operating in Transparent mode?

    config system interface
    edit port2
    set bridge-member disable
    end

Which of the following statements regarding SMTP Authentication is true?

A FortiMail unit is installed in Gateway mode and is protecting a single email domain. Which of the following statements is NOT true in this scenario?

Which of the following features can be used to expand a single recipient address into a group of one or many email addresses?

Which of the following statements is true regarding Recipient and IP-based policies?
Which of the following features are available on a FortiMail unit operating in Server mode?

An email message received by the FortiMail unit is subject to the Bounce Verification antispam check under which circumstances?

Which of the following parameters CANNOT be configured using the Quick Start Wizard?

Which CLI command was used to generate the output shown below:

    Version: FortiMail-400B v4.0,build0103,091223 (GA Patch 1)
    Virus-DB: 11.551(03/05/2010 01:02)
    Serial-Number: FE400B3M09000140
    BIOS version: 00010010
    Log disk: Capacity 92 GB, Used 32 MB ( 0.04%), Free 92 GB
    Mailbox disk: Capacity 371 GB, Used 277 MB ( 0.08%) , Free 370 GB
    Hostname: server
    Operation Mode: Server
    HA configured mode: Off
    HA effective mode: Off
    Distribution: International
    Branch point: 103
    System time: Fri Mar 5 15:04:04 2010

Which of the following statements is true regarding Session-based antispam techniques?

A FortiMail administrator must enforce the following company policy: All emails containing executable attachments must be detected. This detection must be file name independent. For example, if a user renames an executable from .exe to .txt, the file should still be detected. Which FortiMail inspection technique should the administrator apply?

Which default Bayesian account can be used as the recipient address to train the spam database?

Which operation is performed by the Forged IP scanning technique?

Which of the following allow a TLS profile to be used?

An administrator of a FortiMail unit operating in Server Mode has been given the requirement to configure disk quotas for all the users of a specific domain. How can the administrator achieve this requirement?

An email user reports that his mail client is unable to display correctly all emails received from a corporate remote office. The data portion is being replaced by an attachment *.p7m. Which of the following factors are likely contributing to this issue?
Which of the following FortiMail profile types apply to IP-based policies only?

A FortiMail unit installed in Transparent mode protects a mail domain training1.lab on a mail server with IP address 172.16.1.1. On the protected domain, the "Use this domain's SMTP server to deliver the mail" setting is ENABLED and the "Hide the transparent box" setting is DISABLED. An email from [email protected] to [email protected] (172.16.1.1) is intercepted by the FortiMail unit. Which of the following statements is true based on this scenario?

Which of the following statements is true regarding an Active Passive HA configuration?

Which of the following situations could explain why an email message would be in the dead mail queue on a FortiMail unit operating in Gateway mode?

Which of the following features can be used to hide internal email domains and email addresses?

Which of the following describe the functionality of the quarantine control account?

Examine the SMTP session below to determine which of the following statements is TRUE:

    220 server.internal.lab ESMTP Smtpd; Fri, 5 Mar 2010 10:15:17 +0100
    ehlo 192.168.5.192
    250-server.internal.lab Hello [192.168.5.192], pleased to meet you
    250-ENHANCEDSTATUSCODES
    250-PIPELINING
    250-8BITMIME
    250-SIZE 10485760
    250-DSN
    250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
    250-STARTTLS
    250-DELIVERBY
    250 HELP
    mail from: <[email protected]>
    250 2.1.0 <[email protected]>… Sender ok
    rcpt to: <[email protected]>
    250 2.1.5 <[email protected]>… Recipient ok
    data
    354 Enter mail, end with “.” on a line by itself
    This is a test
    .
    250 2.0.0 o259FHGe000418-o259FHGf000418 Message accepted for delivery
    quit
    221 2.0.0 server.internal.lab closing connection

An SMTP client successfully authenticates with a FortiMail unit with no access list entries configured. Which of the following statements correctly describes the expected behavior of the FortiMail unit in this scenario?

In an LDAP query, which variable can be used to identify the full email address?
Which of the following statements is true regarding oversized emails?

What is the recommended procedure to identify emails encoded in a specific charset?

Which of the following back-end servers can NOT be used to provide Recipient Verification?

Which protection profile can be used to protect against Directory Harvest attacks?

Under which of the following conditions would an email be placed in the Dead Mail queue?

Which of the following sentences is true regarding a Config Only cluster?