لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
View the exhibit, which contains a screenshot of some phase-1 settings, and then answer the question below. The VPN is up, and DPD packets are being exchanged between both IPsec gateways; however, traffic cannot pass through the tunnel. To diagnose, the administrator enters these CLI commands: However, the IKE real time debug does not show any output. Why?
A. The debug output shows phases 1 and 2 negotiations onl
B. Once the tunnel is up, it does not show any more output
C. The log-filter setting was set incorrectl
D. The VPN’s traffic does not match this filter
E. The debug shows only error message
F. If there is no output, then the tunnel is operating normally
عرض الإجابة
اجابة صحيحة: B
السؤال #2
An administrator has configured the following CLI script on FortiManager, which failed to apply any changes to the managed device after being executed. Why didn’t the script make any changes to the managed device?
A. Commands that start with the # sign are not executed
B. CLI scripts will add objects only if they are referenced by policies
C. Incomplete commands are ignored in CLI scripts
D. Static routes can only be added using TCL scripts
عرض الإجابة
اجابة صحيحة: B
السؤال #3
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
A. FortiManager can download and maintain local copies of FortiGuard databases
B. FortiManager supports only FortiGuard push to managed devices
C. FortiManager will respond to update requests only if they originate from a managed device
D. FortiManager does not support rating requests
عرض الإجابة
اجابة صحيحة: AB
السؤال #4
A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing: What should the administrator check to fix the problem?
A. The connectivity between the FortiGate unit and the DNS server
B. The connectivity between the client workstations and the DNS server
C. That DNS traffic from client workstations is allowed by the explicit web proxy policies
D. That DNS service is enabled in the explicit web proxy interface
عرض الإجابة
اجابة صحيحة: A
السؤال #5
Which of the following conditions must be met for a static route to be active in the routing table? (Choose three.)
A. The next-hop IP address is up
B. There is no other route, to the same destination, with a higher distance
C. The link health monitor (if configured) is up
D. The next-hop IP address belongs to one of the outgoing interface subnets
E. The outgoing interface is up
عرض الإجابة
اجابة صحيحة: BD
السؤال #6
Examine the following partial output from a sniffer command; then answer the question below. What is the meaning of the packets dropped counter at the end of the sniffer?
A. Number of packets that didn’t match the sniffer filter
B. Number of total packets dropped by the FortiGate
C. Number of packets that matched the sniffer filter and were dropped by the FortiGate
D. Number of packets that matched the sniffer filter but could not be captured by the sniffer
عرض الإجابة
اجابة صحيحة: B
السؤال #7
Examine the following partial output from two system debug commands; then answer the question below. Which of the following statements are true regarding the above outputs? (Choose two.)
A. The unit is running a 32-bit FortiOS
B. The unit is in kernel conserve mode
C. The Cached value is always the Active value plus the Inactive value
D. Kernel indirectly accesses the low memory (LowTotal) through memory paging
عرض الإجابة
اجابة صحيحة: AD
السؤال #8
Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command. Based on the output, which two statements are correct? (Choose two.)
A. Phase 2 authentication is set to sha1 on both sides
B. Anti-replay is disabled
C. Hub2Spoke1 is a policy-based VPN
D. Hub2Spoke1 is configured on interface wan2
عرض الإجابة
اجابة صحيحة: D
السؤال #9
Examine the IPsec configuration shown in the exhibit; then answer the question below. An administrator wants to monitor the VPN by enabling the IKE real time debug using these commands: diagnose vpn ike log-filter src-addr4 10.0.10.1 diagnose debug application ike -1 diagnose debug enable The VPN is currently up, there is no traffic crossing the tunnel and DPD packets are being interchanged between both IPsec gateways. However, the IKE real time debug does NOT show any output. Why isn’t there any output?
A. The IKE real time shows the phases 1 and 2 negotiations onl
B. It does not show any more output once the tunnel is up
C. The log-filter setting is set incorrectl
D. The VPN’s traffic does not match this filter
E. The IKE real time debug shows the phase 1 negotiation onl
F. For information after that, the administrator must use the IPsec real time debug instead: diagnose debug application ipsec -1
عرض الإجابة
اجابة صحيحة: A
السؤال #10
Four FortiGate devices configured for OSPF connected to the same broadcast domain. The first unit is elected as the designated router The second unit is elected as the backup designated router Under normal operation, how many OSPF full adjacencies are formed to each of the other two units?
A. 1
B. 2
C. 3
D. 4
عرض الإجابة
اجابة صحيحة: BD
السؤال #11
An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?
A. diagnose sniffer packet any ‘udp port 500’
B. diagnose sniffer packet any ‘udp port 4500’
C. diagnose sniffer packet any ‘esp’
D. diagnose sniffer packet any ‘udp port 500 or udp port 4500’
عرض الإجابة
اجابة صحيحة: CDE
السؤال #12
Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below. # diagnose debug authd fsso list —FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2. TRAINING. LAB. What should the administrator check?
A. The IP address recorded in the logon event for the user STUDENT
B. The DNS name resolution for the workstation name INTERNAL2
C. LAB
D. The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2
E. LAB
F. The reserve DNS lookup forthe IP address 192
عرض الإجابة
اجابة صحيحة: AD
السؤال #13
View the exhibit, which contains the output of a diagnose command, and then answer the question below. Which statements are true regarding the output in the exhibit? (Choose two.)
A. FortiGate will probe 121
B. Servers with the D flag are considered to be down
C. Servers with a negative TZ value are experiencing a service outage
D. FortiGate used 209
عرض الإجابة
اجابة صحيحة: B

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: