لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
View the exhibit. What does this raw log indicate? (Choose two.)
A. FortiGate blocked the traffic
B. type indicates that a security event was recorded
C. 10
D. policyid indicates that traffic went through the IPS firewall policy
عرض الإجابة
اجابة صحيحة: D
السؤال #2
Which statement is true regarding the policy ID number of a firewall policy?
A. Defines the order in which rules are processed
B. Represents the number of objects used in the firewall policy
C. Required to modify a firewall policy using the CLI
D. Changes when firewall policies are reordered
عرض الإجابة
اجابة صحيحة: C
السؤال #3
Examine this output from a debug flow: Why did the FortiGate drop the packet?
A. The next-hop IP address is unreachable
B. It failed the RPF check
C. It matched an explicitly configured firewall policy with the action DENY
D. It matched the default implicit firewall policy
عرض الإجابة
اجابة صحيحة: A
السؤال #4
Which action can be applied to each filter in the application control profile?
A. Block, monitor, warning, and quarantine
B. Allow, monitor, block and learn
C. Allow, block, authenticate, and warning
D. Allow, monitor, block, and quarantine
عرض الإجابة
اجابة صحيحة: A
السؤال #5
How does FortiGate verify the login credentials of a remote LDAP user?
A. FortiGate regenerates the algorithm based on the login credentials and compares it to the algorithm stored on the LDAP server
B. FortiGate sends the user-entered credentials to the LDAP server for authentication
C. FortiGate queries the LDAP server for credentials
D. FortiGate queries its own database for credentials
عرض الإجابة
اجابة صحيحة: AB
السؤال #6
A FortiGate device has multiple VDOMs. Which statement about an administrator account configured with the default prof_admin profile is true?
A. It can create administrator accounts with access to the same VDOM
B. It cannot have access to more than one VDOM
C. It can reset the password for the admin account
D. It can upgrade the firmware on the FortiGate device
عرض الإجابة
اجابة صحيحة: AD
السؤال #7
An administration wants to throttle the total volume of SMTP sessions to their email server. Which of the following DoS sensors can be used to achieve this?
A. tcp_port_scan
B. ip_dst_session
C. udp_flood
D. ip_src_session
عرض الإجابة
اجابة صحيحة: D
السؤال #8
An employee connects to the https://example.com on the Internet using a web browser. The web server’s certificate was signed by a private internal CA. The FortiGate that is inspecting this traffic is configured for full SSL inspection. This exhibit shows the configuration settings for the SSL/SSH inspection profile that is applied to the policy that is invoked in this instance. All other settings are set to defaults. No certificates have been imported into FortiGate. View the exhibit and answer the question
A. The web server’s certificate
B. The user’s personal certificate signed by a private internal CA
C. A certificate signed by Fortinet_CA_SSL
D. A certificate signed by Fortinet_CA_Untrusted
عرض الإجابة
اجابة صحيحة: D
السؤال #9
Which of the following route attributes must be equal for static routes to be eligible for equal cost multipath (ECMP) routing? (Choose two.)
A. Priority
B. Metric
C. Distance
D. Cost
عرض الإجابة
اجابة صحيحة: AC
السؤال #10
Which statements correctly describe transparent mode operation? (Choose three.)
A. All interfaces of the transparent mode FortiGate device must be on different IP subnets
B. Ethernet packets are forwarded based on destination MAC addresses, not IP addresses
C. The transparent FortiGate is visible to network hosts in an IP traceroute
D. It permits inline traffic inspection and firewalling without changing the IP scheme of the network
E. FortiGate acts as transparent bridge and forwards traffic at Layer 2
عرض الإجابة
اجابة صحيحة: CDE
السؤال #11
Which of the following services can be inspected by the DLP profile? (Choose three.)
A. NFS
B. FTP
C. IMAP
D. CIFS
E. HTTP-POST
عرض الإجابة
اجابة صحيحة: A
السؤال #12
An administrator is attempting to allow access to https://fortinet.com through a firewall policy that is configured with a web filter and an SSL inspection profile configured for deep inspection. Which of the following are possible actions to eliminate the certificate error generated by deep inspection? (Choose two.)
A. Implement firewall authentication for all users that need access to fortinet
B. Manually install the FortiGate deep inspection certificate as a trusted CA
C. Configure fortinet
D. Configure an SSL-inspection exemption for fortinet
عرض الإجابة
اجابة صحيحة: C
السؤال #13
Examine the network diagram and the existing FGTI routing table shown in the exhibit, and then answer the following question: An administrator has added the following static route on FGTI. Since the change, the new static route is not showing up in the routing table. Given the information provided, which of the following describes the cause of this problem?
A. The new route’s destination subnet overlaps an existing route
B. The new route’s Distance value should be higher than 10
C. The Gateway IP address is not in the same subnet as port1
D. The Priority is 0, which means that this route will remain inactive
عرض الإجابة
اجابة صحيحة: C
السؤال #14
During the digital verification process, comparing the original and fresh hash results satisfies which security requirement?
A. Authentication
B. Data integrity
C. Non-repudiation
D. Signature verification
عرض الإجابة
اجابة صحيحة: C
السؤال #15
What FortiGate components are tested during the hardware test? (Choose three.)
A. Administrative access
B. HA heartbeat
C. CPU
D. Hard disk
E. Network interfaces
عرض الإجابة
اجابة صحيحة: BC
السؤال #16
An administrator wants to block HTTP uploads. Examine the exhibit, which contains the proxy address created for that purpose. Where must the proxy address be used?
A. As the source in a firewall policy
B. As the source in a proxy policy
C. As the destination in a firewall policy
D. As the destination in a proxy policy
عرض الإجابة
اجابة صحيحة: B
السؤال #17
View the exhibit. Based on the configuration shown in the exhibit, what statements about application control behavior are true? (Choose two.)
A. Access to all unknown applications will be allowed
B. Access to browser-based Social
C. Access to mobile social media applications will be blocked
D. Access to all applications in Social
عرض الإجابة
اجابة صحيحة: BD
السؤال #18
Which one of the following processes is involved in updating IPS from FortiGuard?
A. FortiGate IPS update requests are sent using UDP port 443
B. Protocol decoder update requests are sent to service
C. IPS signature update requests are sent to update
D. IPS engine updates can only be obtained using push updates
عرض الإجابة
اجابة صحيحة: CD
السؤال #19
Which of the following conditions are required for establishing an IPSec VPN between two FortiGate devices? (Choose two.)
A. If XAuth is enabled as a server in one peer, it must be enabled as a client in the other peer
B. If the VPN is configured as route-based, there must be at least one firewall policy with the action set to IPSec
C. If the VPN is configured as DialUp User in one peer, it must be configured as either Static IP Address or Dynamic DNS in the other peer
D. If the VPN is configured as a policy-based in one peer, it must also be configured as policy-based in the other peer
عرض الإجابة
اجابة صحيحة: B
السؤال #20
View the exhibit. Which of the following statements are correct? (Choose two.)
A. This setup requires at least two firewall policies with the action set to IPsec
B. Dead peer detection must be disabled to support this type of IPsec setup
C. The TunnelB route is the primary route for reaching the remote site
D. This is a redundant IPsec setup
عرض الإجابة
اجابة صحيحة: BDE
السؤال #21
View the exhibit. Which users and user groups are allowed access to the network through captive portal?
A. Users and groups defined in the firewall policy
B. Only individual users – not groups – defined in the captive portal configuration
C. Groups defined in the captive portal configuration
D. All users
عرض الإجابة
اجابة صحيحة: BC
السؤال #22
By default, when logging to disk, when does FortiGate delete logs?
A. 30 days
B. 1 year
C. Never
D. 7 days
عرض الإجابة
اجابة صحيحة: D

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.