FortiGate Essentials Quiz #1 [PDF]

Zitiervorschau

4/28/2020

FortiGate Essentials Quiz #1

 FortiGate Essentials 6.2 Started on Monday, April 27, 2020, 7:54 PM State Finished Completed on Monday, April 27, 2020, 7:56 PM Time taken 1 min 42 secs Points 15/15 Grade 100 out of 100 Question 1

Which security processor unit (SPU) is optimized for entry-level FortiGate models?

Correct 1 points out of 1

Select one: Security processor Network processor Content processor System-on-a-chip processor 

Question 2

Which inspection mode allows administrators to select the network applications from the firewall policy configuration?

Correct 1 points out of 1

Select one: NGFW Policy-based  Proxy Scanning Certificate-based

Question 3

What information can the client integrity check collect about applications running in SSL-VPN clients? (Choose two.)

Correct 1 points out of 1

Select one or more: Application-specific settings Current software version  Signature updates  Use name

Question 4

Which two modes are FortiGate operation modes? (Choose two.)

Correct 1 points out of 1

Select one or more: Bridge NAT  Transparent  Database

https://training.fortinet.com/mod/quiz/review.php?attempt=3261885&cmid=54510

1/4

4/28/2020

Question 5 Correct 1 points out of 1

FortiGate Essentials Quiz #1

An administrator needs to create a tunnel mode SSL-VPN to access an internal web server from the Internet. The web server is connected to port1. The Internet is connected to port2. Both interfaces belong to the VDOM named Corporation.   Which interface must be used as the source for the firewall policy that will allow this traffic? Select one: ssl.root port2 port1 ssl.Corporation

Question 6



What is the purpose of the Policy Lookup feature?

Correct 1 points out of 1

Select one: It searches the matching policy based on input criteria.  It finds duplicate objects in firewall policies. It creates packet flow over FortiGate by sending real-time traffic. It creates a new firewall policy based on input criteria.

Question 7

Examine the exhibit showing a routing table.

Correct 1 points out of 1

Which route will be selected when trying to reach 10.20.30.254? Select one: 10.30.20.0/24 [10/0] via 172.20.121.2, port1 10.20.30.0/26 [10/0] via 172.20.168.254, port2 10.20.30.0/24 [10/0] via 172.20.167.254, port3



0.0.0.0/0 [10/0] via 172.20.121.2, port1

Question 8

Which two statements about incoming and outgoing interfaces in firewall policies are true? (Choose two.)

Correct 1 points out of 1

Select one or more: Only the any interface can be chosen as an incoming interface. Multiple interfaces can be selected as incoming and outgoing interfaces.  A zone can be chosen as the outgoing interface.  An incoming interface is mandatory in a firewall policy, but an outgoing interface is optional.

https://training.fortinet.com/mod/quiz/review.php?attempt=3261885&cmid=54510

2/4

4/28/2020

Question 9 Correct 1 points out of 1

FortiGate Essentials Quiz #1

A FortiGate is configured for Firewall Authentication. When attempting to access an external website, the user is not presented with a login prompt.   What is the most likely reason for this situation? Select one: The user was authenticated using passive authentication.  The user is using a guest account profile. The user is using a super admin account. No matching user account exists for this user.

Question 10 Correct

Which three methods can be used to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)

1 points out of 1

Select one or more: Instant message app FortiToken  Voicemail message SMS text message  Email 

Question 11

Which three settings and protocols can be used to provide secure and restrictive administrative access to FortiGate? (Choose three.)

Correct 1 points out of 1

Select one or more: HTTPS  SSH  FortiTelemetry Trusted authentication Trusted host 

Question 12

Which three actions are valid for static URL filtering? (Choose three.)

Correct 1 points out of 1

Select one or more: Allow  Exempt  Warning Block  Shape

Question 13

Which NAT mode is supported by a VDOM configured as NGFW Policy-based mode?

Correct 1 points out of 1

Select one: Firewall NAT Central SNAT  IP range IP pool

https://training.fortinet.com/mod/quiz/review.php?attempt=3261885&cmid=54510

3/4

4/28/2020

Question 14 Correct 1 points out of 1

FortiGate Essentials Quiz #1

An administrator needs to configure two static default routes pointing to two ISPs. The administrator wants to have both static routes active in the routing table.   What configuration setting must match in both routes to achieve this? Select one: Priority Distance  Metric Outgoing interface

Question 15

Which two statements about blocking known Botnet Command and Control domains are true? (Choose two.)

Correct 1 points out of 1

Select one or more: You must manually download the Botnet Command and Control database and import it into FortiGate. DNS lookups are checked against the Botnet Command and Control database.  This service requires a FortiGuard web filter and IPS license.  The Botnet Command and Control domains can be enabled in the Web Filter profile.

https://training.fortinet.com/mod/quiz/review.php?attempt=3261885&cmid=54510

4/4