Test title:
NSE4 parte3

Description:
questions 101 to 150

Author:
AVATAR

Creation date:
19/09/2020

Category:
Other

Number of questions: 50
Contents:
Which is true about incoming and outgoing interfaces in firewall policies? A. A physical interface may not be used. B. A zone may not be used. C. Multiple interfaces may not be used for both incoming and outgoing. D. Source and destination interfaces are mandatory.
To which remote device can the FortiGate send logs? (Choose three.) A. Syslog B. FortiAnalyzer C. Hard drive D. Memory E. FortiCloud.
In a Crash log, what does a status of 0 indicate? A. Abnormal termination of a process B. A process closed for any reason C. Scanunitd process crashed D. Normal shutdown with no abnormalities E. DHCP process crashed.
There are eight (8) log severity levels that indicate the importance of an event. Not including Debug, which is only needed to log diagnostic data, what are both the lowest AND highest severity levels? A. Notification, Emergency B. Information, Critical C. Error, Critical D. Information, Emergency E. Information, Alert.
Examine this log entry. What does the log indicate? (Choose three.) date=2013-12-04 time=09:30:18 logid=0100032001 type=event subtype=system level=information vd="root" user="admin" ui=http(192.168.1.112) action=login status=success reason=none profile="super_admin" msg="Administrator admin logged in successfully from http(192.168.1.112)" A. In the GUI, the log entry was located under “Log & Report > Event Log > User”. B. In the GUI, the log entry was located under “Log & Report > Event Log > System”. C. In the GUI, the log entry was located under “Log & Report > Traffic Log > Local Traffic”. D. The connection was encrypted. E. The connection was unencrypted. F. The IP of the FortiGate interface that “admin” connected to was 192.168.1.112. G. The IP of the computer that “admin” connected from was 192.168.1.112.
Where are most of the security events logged? A. Security log B. Forward Traffic log C. Event log D. Alert log E. Alert Monitoring Console.
What determines whether a log message is generated or not? A. Firewall policy setting B. Log Settings in the GUI C. ‘config log’ command in the CLI D. Syslog E. Webtrends.
Which of the following are considered log types? (Choose three.) A. Forward log B. Traffic log C. Syslog D. Event log E. Security log.
What attributes are always included in a log header? (Choose three.) A. policyid B. level C. user D. time E. subtype F. duration.
Acme Web Hosting is replacing one of their firewalls with a FortiGate. It must be able to apply port forwarding to their back-end web servers while blocking virus uploads and TCP SYN floods from attackers. Which operation mode is the best choice for these requirements? A. NAT/route B. NAT mode with an interface in one-arm sniffer mode C. Transparent mode D. No appropriate operation mode exists.
You have configured the DHCP server on a FortiGate’s port1 interface (or internal, depending on the model) to offer IPs in a range of 192.168.1.65-192.168.1.253. When the first host sends a DHCP request, what IP will the DHCP offer? A. 192.168.1.99 B. 192.168.1.253 C. 192.168.1.65 D. 192.168.1.66.
You have created a new administrator account and assigned it the prof_admin profile. Which is false about that account’s permissions? A. It cannot upgrade or downgrade firmware. B. It can create and assign administrator accounts to parts of its own VDOM. C. It can reset forgotten passwords for other administrator accounts such as "admin". D. It has a smaller permissions scope than accounts with the "super_admin" profile.
Which UTM feature sends a UDP query to FortiGuard servers each time FortiGate scans a packet (unless the response is locally cached)? A. Antivirus B. VPN C. IPS D. Web Filtering.
A new version of FortiOS firmware has just been released. When you upload new firmware, which is true? A. If you upload the firmware image via the boot loader’s menu from a TFTP server, it will not preserve the configuration. But if you upload new firmware via the GUI or CLI, as long as you are following a supported upgrade path, FortiOS will attempt to convert the existing configuration to be valid with any new or changed syntax. B. No settings are preserved. You must completely reconfigure. C. No settings are preserved. After the upgrade, you must upload a configuration backup file. FortiOS will ignore any commands that are not valid in the new OS. In those cases, you must reconfigure settings that are not compatible with the new firmware. D. You must use FortiConverter to convert a backup configuration file into the syntax required by the new FortiOS, then upload it to FortiGate.
Which protocols can you use for secure administrative access to a FortiGate? (Choose two) A. SSH B. Telnet C. NTLM D. HTTPS.
If you have lost your password for the "admin" account on your FortiGate, how should you reset it? A. Log in with another administrator account that has "super_admin" profile permissions, then reset the password for the "admin" account. B. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to format the flash disk and reinstall the firmware. Then you can log in with the default password. C. Power off the FortiGate. After several seconds, restart it. Via the local console, within 30 seconds after booting has completed, log in as "maintainer" and enter the CLI commands to set the password for the "admin" account. D. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.
What are the ways FortiGate can monitor logs? (Choose three.) A. MIB B. SMS C. Alert Emails D. SNMP E. FortiAnalyzer F. Alert Message Console.
Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of diagnose sys session stat for the STUDENT device. Exhibit B shows the command output of diagnose sys session stat for the REMOTE device. Exhibit A: Exhibit B: A. STUDENT is likely to be the master device. B. Session-pickup is likely to be enabled. C. The cluster mode is active-passive. D. There is not enough information to determine the cluster mode.
Which statements are correct regarding an IPv6 over IPv4 IPsec configuration? (Choose two.) A. The source quick mode selector must be an IPv4 address. B. The destination quick mode selector must be an IPv6 address. C. The Local Gateway IP must be an IPv4 address. D. The remote gateway IP must be an IPv6 address.
Which is not a FortiGate feature? A. Database auditing B. Intrusion prevention C. Web filtering D. Application control.
When an administrator attempts to manage FortiGate from an IP address that is not a trusted host, what happens? A. FortiGate will still subject that person’s traffic to firewall policies; it will not bypass them. B. FortiGate will drop the packets and not respond. C. FortiGate responds with a block message, indicating that it will not allow that person to log in. D. FortiGate responds only if the administrator uses a secure protocol. Otherwise, it does not respond.
A backup file begins with this line: #config-version=FGVM64-5.02-FW-build589-140613:opmode=0:vdom=0:user=admin #conf_file_ver=3881503152630288414 #buildno=0589 #global_vdom=1 Can you restore it to a FortiWiFi 60D? A. Yes B. Yes, but only if you replace the "#conf_file_ver" line so that it contains the serial number of that specific FortiWiFi 60D. C. Yes, but only if it is running the same version of FortiOS, or a newer compatible version. D. No.
How do you configure a FortiGate to apply traffic shaping to P2P traffic, such as BitTorrent? A. Apply a traffic shaper to a BitTorrent entry in an application control list, which is then applied to a firewall policy. B. Enable the shape option in a firewall policy with service set to BitTorrent. C. Define a DLP rule to match against BitTorrent traffic and include the rule in a DLP sensor with traffic shaping enabled. D. Apply a traffic shaper to a protocol options profile.
Based on the information in the exhibit, which statements are correct regarding the filter? (Choose two.) A. It does not log attacks targeting Linux servers. B. It matches all traffic to Linux servers. C. Its action will block traffic matching these signatures. D. It only takes effect when the sensor is applied to a policy.
A FortiGate is configured with three virtual domains (VDOMs). Which of the following statements is correct regarding multiple VDOMs? A. The FortiGate must be a model 1000 or above to support multiple VDOMs. B. A license has to be purchased and applied to the FortiGate before VDOM mode could be enabled. C. Changing the operational mode of a VDOM requires a reboot of the FortiGate. D. The FortiGate supports any combination of VDOMs in NAT/Route and transparent modes.
An administrator wants to create an IPsec VPN tunnel between two FortiGate devices. Which three configuration steps must be performed on both units to support this scenario? (Choose three.) A. Create firewall policies to allow and control traffic between the source and destination IP addresses. B. Configure the appropriate user groups to allow users access to the tunnel. C. Set the operating mode to IPsec VPN mode. D. Define the phase 2 parameters. E. Define the Phase 1 parameters.
Which network protocols are supported for administrative access to a FortiGate unit? (Choose three.) A. SMTP B. WINS C. HTTP D. Telnet E. SSH.
In which process states is it impossible to interrupt/kill a process? (Choose two.) A. S – Sleep B. R – Running C. D – Uninterruptible Sleep D. Z – Zombie.
What is the FortiGate password recovery process? A. Interrupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry. B. Log in through the console port using the "maintainer" account within several seconds of physically power cycling the FortiGate. C. Hold down the CTRL + Esc (Escape) keys during reboot, then reset the admin password. D. Interrupt the boot sequence and restore a configuration file for which the password has been modified.
Which two web filtering inspection modes inspect the full URL? (Choose two.) A. DNS-based B. Proxy-based C. Flow-based D. URL-based.
Which of the following statements are correct about the HA command diagnose sys ha reset-uptime? (Choose two.) A. The device this command is executed on is likely to switch from master to slave status if override is disabled. B. The device this command is executed on is likely to switch from master to slave status if override is enabled. C. The command has no impact on the HA algorithm. D. This command resets the uptime variable used in the HA algorithm so it may cause a new master to become elected.
Which statements are correct properties of a partial mesh VPN deployment? (Choose two.) A. VPN tunnels interconnect between every single location. B. VPN tunnels are not configured between every single location. C. Some locations may be reachable via a hub location. D. It cannot contain redundant VPN tunnels.
Examine the static route configuration shown below; then answer the question following it. config router static edit 1 set dst 172.20.1.0 255.255.255.0 set device port1 set gateway 172.11.12.1 set distance 10 set weight 5 next edit 2 set dst 172.20.1.0 255.255.255.0 set blackhole enable set distance 5 set weight 10 next end Which of the following statements correctly describes the static routing configuration provided? (Choose two.) A. All traffic to 172.20.1.0/24 is dropped by the FortiGate. B. As long as port1 is up, all traffic to 172.20.1.0/24 is routed by the static route number 1. If the interface port1 is down, the traffic is routed using the blackhole route. C. The FortiGate unit does NOT create a session entry in the session table when the traffic is being routed by the blackhole route. D. The FortiGate unit creates a session entry in the session table when the traffic is being routed by the blackhole route.
A user logs into an SSL VPN portal and activates the tunnel mode. The exhibit shows the firewall policy and the user’s SSL VPN portal configuration: Which static route is automatically added to the client’s routing table when the tunnel mode is activated? A. A route to a destination subnet matching the Internal_Servers address object. B. A route to the destination subnet configured in the tunnel mode widget. C. A default route. D. A route to the destination subnet configured in the SSL VPN global settings.
Which header field can be used in a firewall policy for traffic matching? A. ICMP type and code. B. DSCP. C. TCP window size. D. TCP sequence number.
A static route is configured for a FortiGate unit from the CLI using the following commands: config router static edit 1 set device "wan1" set distance 20 set gateway 192.168.100.1 next end Which of the following conditions are required for this static default route to be displayed in the FortiGate unit’s routing table? (Choose two.) A. The administrative status of the wan1 interface is displayed as down. B. The link status of the wan1 interface is displayed as up. C. All other default routes should have a lower distance. D. The wan1 interface address and gateway address are on the same subnet.
Which two statements are true regarding firewall policy disclaimers? (Choose two.) A. They cannot be used in combination with user authentication. B. They can only be applied to wireless interfaces. C. Users must accept the disclaimer to continue. D. The disclaimer page is customizable.
In a high availability cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a slave unit? A. Client -> slave FortiGate -> master FortiGate -> web server. B. Client -> slave FortiGate -> web server. C. Client -> master FortiGate -> slave FortiGate -> master FortiGate -> web server. D. Client -> master FortiGate -> slave FortiGate -> web server.
FSSO provides a single sign-on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory. Which of the following statements are correct regarding FSSO in a Windows domain environment when DC-agent mode is used? (Choose two.) A. An FSSO collector agent must be installed on every domain controller. B. An FSSO domain controller agent must be installed on every domain controller. C. The FSSO domain controller agent will regularly update user logon information on the FortiGate unit. D. The FSSO collector agent will receive user logon information from the domain controller agent and will send it to the FortiGate unit.
What logging options are supported on a FortiGate unit? (Choose two.) A. LDAP B. Syslog C. FortiAnalyzer D. SNMP.
What is a valid reason for using session-based authentication instead of IP-based authentication in a FortiGate web proxy solution? A. Users are required to manually enter their credentials each time they connect to a different web site. B. Proxy users are authenticated via FSSO. C. There are multiple users sharing the same IP address. D. Proxy users are authenticated via RADIUS.
Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.) A. Manual update by downloading the signatures from the support site. B. FortiGuard pull updates. C. Push updates from a FortiAnalyzer. D. execute fortiguard-AV-AS command from the CLI.
Data leak prevention archiving gives the ability to store files and message data onto a FortiAnalyzer unit for which of the following types of network traffic? (Choose three.) A. POP3 B. SNMP C. IPsec D. SMTP E. HTTP.
Which statements correctly describe transparent mode operation? (Choose three.) A. The FortiGate acts as transparent bridge and forwards traffic at Layer-2. B. Ethernet packets are forwarded based on destination MAC addresses, NOT IP addresses. C. The transparent FortiGate is clearly visible to network hosts in an IP trace route. D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network. E. All interfaces of the transparent mode FortiGate device must be on different IP subnets.
Two FortiGate units with NP6 processors form an active-active cluster. The cluster is doing security profile (UTM) inspection over all the user traffic. What statements are true regarding the sessions that the master unit is offloading to the slave unit for inspection? (Choose two.) A. They are offloaded to the NP6 in the master unit. B. They are not offloaded to the NP6 in the master unit. C. They are offloaded to the NP6 in the slave unit. D. They are not offloaded to the NP6 in the slave unit.
Which two methods are supported by the web proxy auto-discovery protocol (WPAD) to automatically learn the URL where a PAC file is located? (Choose two.) A. DHCP B. BOOTP C. DNS D. IPv6 autoconfiguration.
Examine the exhibit; then answer the question below. Which statement describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit? A. They indicate that the FortiGate has the latest updates available from the FortiGuard Distribution Network. B. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit. C. They indicate that the FortiGate is in the process of downloading updates from the FortiGuard Distribution Network. D. They indicate that the FortiGate is able to connect to the FortiGuard Distribution Network.
Review the configuration for FortiClient IPsec shown in the exhibit. Which statement is correct regarding this configuration? A. The connecting VPN client will install a route to a destination corresponding to the student internal address object. B. The connecting VPN client will install a default route. C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range. D. The connecting VPN client will connect in web portal mode and no route will be installed.
When the SSL proxy is NOT doing man-in-the-middle interception of SSL traffic, which certificate field can be used to determine the rating of a website? A. Organizational Unit. B. Common name. C. Serial Number. D. Validity.
Which IPSec mode includes the peer id information in the first packet? A. Main mode. B. Quick mode. C. Aggressive mode. D. IKEv2 mode.