FCNSA

Go back to Fortinet

Example Questions

Which of the following pieces of information can be included in the Destination Address field of a firewall policy? An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the user have for a successful authentication? (Select all that apply.) Alert emails enable the FortiGate unit to send email notifications to an email address upon detection of a pre-defined event type. Which of the following are some of the available event types in Web Config? (Select all that apply.) How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side? Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides are correct? (Select all that apply.) The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate Web Config and also using the CLI. The command used in the CLI to perform this function is __________. Identify the statement which correctly describes the output of the following command: diagnose ips anomaly list An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. Which of the following statements best describes how to resolve this issue? UTM features can be applied to which of the following items? An administrator logs into a FortiGate unit using an account which has been assigned a super_admin profile. Which of the following operations can this administrator perform? A FortiAnalyzer device could use which security method to secure the transfer of log data from FortiGate devices? Which of the following statements correctly describes how a FortiGate unit functions in Transparent mode? In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ___________ services. The Idle Timeout setting on a FortiGate unit applies to which of the following? Which one of the following statements is correct about raw log messages? Which of the following methods can be used to access the CLI? (Select all that apply.) Which Fortinet products & features could be considered part of a comprehensive solution to monitor and prevent the leakage of senstive data? (Select all that apply.) Because changing the operational mode to Transparent resets device (or vdom) to all defaults, which precautions should an Administrator take prior to performing this? (Select all that apply.) SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL- encrypted website? Which of the following logging options are supported on a FortiGate unit? (Select all that apply.) Which of the following statements is correct regarding URL Filtering on the FortiGate unit? In which order are firewall policies processed on the FortiGate unit? A FortiGate unit can provide which of the following capabilities? (Select all that apply.) You wish to create a firewall policy that applies only to traffic intended for your web server. The server has an IP address of 192.168.2.2 and belongs to a class C subnet. When defining the firewall address for use in this policy, which one of the following addressing formats is correct? What are the valid sub-types for a Firewall type policy? (Select all that apply) The command structure of the FortiGate CLI consists of commands, objects, branches, tables, and parameters. Which of the following items describes user? If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these interfaces? When backing up the configuration file on a FortiGate unit, the contents can be encrypted by enabling the encrypt option and supplying a password. If the password is forgotten, the configuration file can still be restored using which of the following methods? The FortiGate Web Config provides a link to update the firmware in the System > Status window. Clicking this link will perform which of the following actions? A FortiGate 100 unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.) Which of the following spam filtering methods are supported on the FortiGate unit? (Select all that apply.) A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.) What is the FortiGate unit password recovery process? Which of the following regular expression patterns will make the terms "confidential data" case insensitive? The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.) Which of the following statements regarding Banned Words are correct? (Select all that apply.) In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks. Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.) Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.) In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic? File blocking rules are applied before which of the following? Which of the following methods can be used to access the CLI? (Select all that apply) A FortiAnalyzer device takes advantage of which security method to secure the transfer of log data from FortiGate devices? In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed: WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? Two-factor authentication is supported using the following methods? (Select all that apply.) Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.) Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. How are UTM features applied to traffic? Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled? A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.) Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choices below. (Select all that apply.) config ips sensor 14 edit "LINUX_SERVER" set comment '' set replacemsg-group '' set log enable config entries edit 1 set action default set application all set location server set log enable set log-packet enable set os Linux set protocol all set quarantine none set severity all set status default next end next end