FCNSP

Go back to Fortinet

Example Questions

A static route is configured for a FortiGate unit from the CLI using the following commands: config router static edit 1 set device "wan1" set distance 20 set gateway 192.168.100.1 next end Which of the following conditions is NOT required for this static default route to be displayed in the FortiGate unit's routing table? Which of the following represents the correct order of criteria used for the selection of a Master unit within a FortiGate High Availability (HA) cluster when master override is disabled? Which of the following items are considered to be advantages of using the application control features on the FortiGate unit? Application control allows an administor to: When performing a log search on a FortiAnalyzer, It is generally recommended to use the Quick Search option what is a valid reason for using the Full Search option, instead? How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.) When the SSL proxy inspects the server certificate for Web Filtering only in SSL Handshake mode, which certificate field is being used to determine the site rating? Which of the following represents the method used on a FortiGate unit running FortiOS version 4.2 to apply traffic shaping to P2P traffic, such as BitTorrent? Which of the following DLP actions will override any other action? When configuring a server load balanced virtual IP, which of the following is the best distribution algorithm to be used in applications where the same physical destination server must be maintained between sessions? Which of the following statements is correct regarding the NAC Quarantine feature? Based on the configuration settings displayed below, which of the following statements are correct? config system session-ttl set default 7200 config port edit 540 set timeout 3600 next end end Select all that apply. An administrator has formed a High Availability cluster involving two FortiGate 310B units. [Multiple upstream Layer 2 switches] -- [ FortiGate HA Cluster ] -- [ Multiple downstream Layer 2 switches ] The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this cluster. Which of the following options describes the best step the administrator can take? The administrator should... In Transparent Mode, forward-domain is an attribute of ______________. What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a fully- meshed set of IPSec tunnels? (Select all that apply.) Which of the following statements are correct about the HA diag command diagnose sys ha reset-uptime? (Select all that apply.) Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled? Which of the following methods does the FortiGate unit use to determine the availability of a web cache using Web Cache Communication Protocol (WCCP)? Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choices below. (Select all that apply.) config ips sensor edit "LINUX_SERVER" set comment '' set replacemsg-group '' set log enable config entries edit 1 set action default set application all set location server set log enable set log-packet enable set os Linux set protocol all set quarantine none set severity all set status default next end next end Both the FortiGate and FortiAnalyzer units can notify administrators when certain alert conditions are met. Considering this, which of the following statements is NOT correct? With FSSO, a domain user could authenticate either against the domain controller running the Collector Agent and Domain Controller Agent, or a domain controller running only the Domain Controller Agent. If you attempt to authenticate with the Secondary Domain Controller running only the Domain Controller Agent, which of the following statements are correct? (Select all that apply.) Which of the following report templates must be used when scheduling report generation? A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity. The following troubleshooting commands are executed from the DOS prompt on the PC and from the CLI. C:\>ping 10.0.1,1 Pinging 10.0.1.1 with 32 bytes of data: Reply from 10.0.1.1: bytes=32 time=lms TTL=255 Reply from 10.0.1.1: bytes=32 time<lms TTL=255 Reply from 10,0.1.1: bytes=32 time<lms TTL=255 Reply from 10.0.1.1: bytes=32 time<lms TTL=255 userl # get system interface == [ internal ] name: internal mode: static ip: 10.0.1.254 255.255.255.128 status: up netbios—forward: disable type: physical mtu-override: disable = [ vla.nl ] name: vlanl mode: static ip: 10.0.1.1 255.255.255.128 status: up netb Iios-forward: disable type: vlan mtu-override: disable userl # diagnose debug flow trace start 100 userl # diagnose debug ena userl # diagnose debug flow filter daddr 10.0.1.1 10.0.1.1 id=20085 trace_id=274 msg=vd-root received a packet (proto=6, 10. 0.1.130:47927->10.0.1.1:443) from internal." Id=20085 trace_id=27 4 msg="allocate a new session-00000b1b" trace_id=274 msg-“find SNAT: IP-10.0.1.1, port-43798" id=20085 trace_id=274 msg=”iprope_in_check() check failed, drop" Based on output from these commands, which of the following explanations is a possible cause of the problem? Which of the following describes the difference between the ban and quarantine actions? Which of the following features could be used by an administrator to block FTP uploads while still allowing FTP downloads? An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. Which of the following statements best describes how to resolve this issue? When performing a log search on a FortiAnalyzer, it is generally recommended to use the Quick Search option. What is a valid reason for using the Full Search option, instead? WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? Which of the following statements is correct regarding the antivirus scanning function on the FortiGate unit? Which of the following cannot be used in conjunction with the endpoint compliance check? The FortiGate Server Authentication Extensions (FSAE) provide a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory. Which of the following statements are correct regarding FSAE in a Windows domain environment when NTLM is not used? (Select all that apply.) Which of the following statements correctly describes the deep scan option for HTTPS? Identify the statement which correctly describes the output of the following command: diagnose ips anomaly list The Host Check feature can be enabled on the FortiGate unit for SSL VPN connections. When this feature is enabled, the FortiGate unit probes the remote host compute" to verify that it is “safe” before access is granted. Which of the following items is NOT an option as part of the Host Check feature? In which of the following report templates would you configure the charts to be included in the report? In the Tunnel Mode widget of the web portal, the administrator has configured an IP Pool and enabled split tunneling. Which of the following statements is true about the IP address used by the SSL VPN client? Identify the correct properties of a partial mesh VPN deployment: Which of the following statements are correct regarding the configuration of a FortiGate unit as an SSL VPN gateway? (Select all that apply.) Which of the following statements is not correct regarding virtual domains (VDOMs)? SSL Proxy is used to decrypt the SSL-encrypted traffic. After decryption, where is the traffic buffered in preparation for content inspection? An administrator is examining the attack logs and notices the following entry: device_id=FG100A3907508962 log_id=18432 subtype=anomaly type=ips timestamp=1270017358 pri=alert itime=1270017893 severity=critical src=192.168.1.52 dst=64.64.64.64 src_int=internal serial=0 status=clear_session proto=6 service=http vd=root count=1 src_port=35094 dst_port=80 attack_id=100663402 sensor=protect-servers ref=http://www.fortinet.com/ids/VID100663402 msg="anomaly: tcp_src_session, 2 > threshold 1" policyid=0 carrier_ep=N/A profile=N/A dst_int=N/A user=N/A group=N/A Based solely upon this log message, which of the following statements is correct? Which of the following statements is correct about configuring web filtering overrides? A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. Which of the following items would an administrator logging in using this account NOT be able to configure? In order to load-share traffic using multiple static routes, the routes must be configured with ... An administrator has formed a High Availability cluster involving two FortiGate 310B units. [ Multiple ipstream Layer 2 switches] - [ FortiGate HA Cluster ] - [ Multiple downstream Layer 2 switches ] The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this duster. Which of the following options describes the best step the administrator can take? The administrator should... Which spam filter is not available on a FortiGate device? In a High Availability configuration operating In Active-Active mode, which of the following correctly describes the path taken by a load-balanced HTTP session? Which of the following statements are correct regarding Application Control? Which of the following statements best describes how to configure a FortiGate unit to protect against IP address spoofing? Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? Which of the following statements is correct about how the FortiGate unit verifies username and password during user authentication?