لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
- (Exam Topic 2) How do you format the FortiGate flash disk?
A. Load a debug FortiOS image
B. Load the hardware test (HQIP) image
C. Execute the CLI command execute formatlogdisk
D. Select the format boot device option from the BIOS menu
عرض الإجابة
اجابة صحيحة: D
السؤال #2
- (Exam Topic 2) A team manager has decided that, while some members of the team need access to a particular website, the majority of the team does not Which configuration option is the most effective way to support this request?
A. Implement a web filter category override for the specified website
B. Implement a DNS filter for the specified website
C. Implement web filter quotas for the specified website
D. Implement web filter authentication for the specified website
عرض الإجابة
اجابة صحيحة: ACE
السؤال #3
- (Exam Topic 1) Which two statements are true about the FGCP protocol? (Choose two.)
A. Not used when FortiGate is in Transparent mode
B. Elects the primary FortiGate device
C. Runs only over the heartbeat links
D. Is used to discover FortiGate devices in different HA groups
عرض الإجابة
اجابة صحيحة: D
السؤال #4
- (Exam Topic 2) In which two ways can RPF checking be disabled? (Choose two )
A. Enable anti-replay in firewall policy
B. Disable the RPF check at the FortiGate interface level for the source check
C. Enable asymmetric routing
D. Disable strict-arc-check under system settings
عرض الإجابة
اجابة صحيحة: CD
السؤال #5
- (Exam Topic 1) Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)
A. There are five devices that are part of the security fabric
B. Device detection is disabled on all FortiGate devices
C. This security fabric topology is a logical topology view
D. There are 19 security recommendations for the security fabric
عرض الإجابة
اجابة صحيحة: D
السؤال #6
- (Exam Topic 1) The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of diagnose sys virtual-wan-link health-check. Which interface will be selected as an outgoing interface?
A. port2
B. port4
C. port3
D. port1
عرض الإجابة
اجابة صحيحة: D
السؤال #7
- (Exam Topic 2) Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)
A. Heartbeat interfaces have virtual IP addresses that are manually assigned
B. A change in the virtual IP address happens when a FortiGate device joins or leaves the cluster
C. Virtual IP addresses are used to distinguish between cluster members
D. The primary device in the cluster is always assigned IP address 169
عرض الإجابة
اجابة صحيحة: AC
السؤال #8
- (Exam Topic 2) Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?
A. diagnose wad session list
B. diagnose wad session list | grep hook-pre&&hook-out
C. diagnose wad session list | grep hook=pre&&hook=out
D. diagnose wad session list | grep "hook=pre"&"hook=out"
عرض الإجابة
اجابة صحيحة: C
السؤال #9
- (Exam Topic 1) Which statement correctly describes NetAPI polling mode for the FSSO collector agent?
A. The collector agent uses a Windows API to query DCs for user logins
B. NetAPI polling can increase bandwidth usage in large networks
C. The collector agent must search security event logs
D. The NetSession Enum function is used to track user logouts
عرض الإجابة
اجابة صحيحة: D
السؤال #10
- (Exam Topic 1) FortiGuard categories can be overridden and defined in different categories. To create a web rating override for example.com home page, the override must be configured using a specific syntax. Which two syntaxes are correct to configure web rating for the home page? (Choose two.)
A. www
B. www
C. example
D. www
عرض الإجابة
اجابة صحيحة: B
السؤال #11
- (Exam Topic 1) An administrator is running a sniffer command as shown in the exhibit. Which three pieces of information are included in the sniffer output? (Choose three.)
A. Interface name
B. Ethernet header
C. IP header
D. Application header
E. Packet payload
عرض الإجابة
اجابة صحيحة: AB
السؤال #12
- (Exam Topic 2) The exhibit contains a network diagram, central SNAT policy, and IP pool configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port3) interface has the IP address 10.0.1.254/24. A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1). Central NAT is enabled, so NAT settings from matching Central SNAT policies will be applied. Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings t
A. 10
B. 10
C. 10
D. 10
عرض الإجابة
اجابة صحيحة: B
السؤال #13
- (Exam Topic 1) A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. * All traffic must be routed through the primary tunnel when both tunnels are up * The secondary tunnel must be used only if the primary tunnel goes down * In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose two,)
A. Configure a high distance on the static route for the primary tunnel, and a lower distance on the static route for the secondary tunnel
B. Enable Dead Peer Detection
C. Configure a lower distance on the static route for the primary tunnel, and a higher distance on the static route for the secondary tunnel
D. Enable Auto-negotiate and Autokey Keep Alive on the phase 2 configuration of both tunnels
عرض الإجابة
اجابة صحيحة: BC
السؤال #14
- (Exam Topic 2) View the exhibit. Which of the following statements are correct? (Choose two.)
A. This setup requires at least two firewall policies with the action set to IPsec
B. Dead peer detection must be disabled to support this type of IPsec setup
C. The TunnelB route is the primary route for reaching the remote sit
D. The TunnelA route is used only if the TunnelB VPN is down
E. This is a redundant IPsec setup
عرض الإجابة
اجابة صحيحة: CD
السؤال #15
- (Exam Topic 1) Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
A. get system status
B. get system performance status
C. diagnose sys top
D. get system arp
عرض الإجابة
اجابة صحيحة: B
السؤال #16
- (Exam Topic 1) Refer to the web filter raw logs. Based on the raw logs shown in the exhibit, which statement is correct?
A. Social networking web filter category is configured with the action set to authenticate
B. The action on firewall policy ID 1 is set to warning
C. Access to the social networking web filter category was explicitly blocked to all users
D. The name of the firewall policy is all_users_web
عرض الإجابة
اجابة صحيحة: A
السؤال #17
- (Exam Topic 2) When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?
A. Log ID
B. Universally Unique Identifier
C. Policy ID
D. Sequence ID
عرض الإجابة
اجابة صحيحة: A
السؤال #18
- (Exam Topic 1) An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?
A. Add the support of NTLM authentication
B. Add user accounts to Active Directory (AD)
C. Add user accounts to the FortiGate group fitter
D. Add user accounts to the Ignore User List
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: