لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
- (Exam Topic 2) What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)
A. Traffic to botnetservers
B. Traffic to inappropriate web sites
C. Server information disclosure attacks
D. Credit card data leaks
E. SQL injection attacks
عرض الإجابة
اجابة صحيحة: BDE
السؤال #2
- (Exam Topic 2) Which two types of traffic are managed only by the management VDOM? (Choose two.)
A. FortiGuard web filter queries
B. PKI
C. Traffic shaping
D. DNS
عرض الإجابة
اجابة صحيحة: D
السؤال #3
- (Exam Topic 2) The exhibits show a network diagram and the explicit web proxy configuration. In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?
A. ‘host 192
B. ‘host 10
C. ‘host 192
D. ‘host 10
عرض الإجابة
اجابة صحيحة: B
السؤال #4
- (Exam Topic 2) What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?
A. FortiGate automatically negotiates different local and remote addresses with the remote peer
B. FortiGate automatically negotiates a new security association after the existing security association expires
C. FortiGate automatically negotiates different encryption and authentication algorithms with the remote peer
D. FortiGate automatically brings up the IPsec tunnel and keeps it up, regardless of activity on the IPsec tunnel
عرض الإجابة
اجابة صحيحة: CD
السؤال #5
- (Exam Topic 2) The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile. What order must FortiGate use when the web filter profile has features enabled, such as safe search?
A. DNS-based web filter and proxy-based web filter
B. Static URL filter, FortiGuard category filter, and advanced filters
C. Static domain filter, SSL inspection filter, and external connectors filters
D. FortiGuard category filter and rating filter
عرض الإجابة
اجابة صحيحة: CD
السؤال #6
- (Exam Topic 2) An administrator is running the following sniffer command: Which three pieces of Information will be Included in me sniffer output? {Choose three.)
A. Interface name
B. Packet payload
C. Ethernet header
D. IP header
E. Application header
عرض الإجابة
اجابة صحيحة: AB
السؤال #7
- (Exam Topic 2) Based on the raw log, which two statements are correct? (Choose two.)
A. Traffic is blocked because Action is set to DENY in the firewall policy
B. Traffic belongs to the root VDOM
C. This is a security log
D. Log severity is set to error on FortiGate
عرض الإجابة
اجابة صحيحة: B
السؤال #8
- (Exam Topic 2) An administrator has configured a route-based IPsec VPN between two FortiGate devices. Which statement about this IPsec VPN configuration is true?
A. A phase 2 configuration is not required
B. This VPN cannot be used as part of a hub-and-spoke topology
C. A virtual IPsec interface is automatically created after the phase 1 configuration is completed
D. The IPsec firewall policies must be placed at the top of the list
عرض الإجابة
اجابة صحيحة: B
السؤال #9
- (Exam Topic 2) Which feature in the Security Fabric takes one or more actions based on event triggers?
A. Fabric Connectors
B. Automation Stitches
C. Security Rating
D. Logical Topology
عرض الإجابة
اجابة صحيحة: CD
السؤال #10
- (Exam Topic 2) Which two statements are correct about a software switch on FortiGate? (Choose two.)
A. It can be configured only when FortiGate is operating in NAT mode
B. Can act as a Layer 2 switch as well as a Layer 3 router
C. All interfaces in the software switch share the same IP address
D. It can group only physical interfaces
عرض الإجابة
اجابة صحيحة: A
السؤال #11
- (Exam Topic 1) Which statement about video filtering on FortiGate is true?
A. Full SSL Inspection is not required
B. It is available only on a proxy-based firewall policy
C. It inspects video files hosted on file sharing services
D. Video filtering FortiGuard categories are based on web filter FortiGuard categories
عرض الإجابة
اجابة صحيحة: AC
السؤال #12
- (Exam Topic 2) An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)
A. The interface has been configured for one-arm sniffer
B. The interface is a member of a virtual wire pair
C. The operation mode is transparent
D. The interface is a member of a zone
E. Captive portal is enabled in the interface
عرض الإجابة
اجابة صحيحة: A
السؤال #13
- (Exam Topic 2) If Internet Service is already selected as Destination in a firewall policy, which other configuration objects can be selected to the Destination field of a firewall policy? A User or User Group
A. IP address
B. No other object can be added
C. FQDN address
عرض الإجابة
اجابة صحيحة: AC
السؤال #14
- (Exam Topic 2) Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)
A. Lookup is done on the first packet from the session originator
B. Lookup is done on the last packet sent from the responder
C. Lookup is done on every packet, regardless of direction
D. Lookup is done on the trust reply packet from the responder
عرض الإجابة
اجابة صحيحة: D
السؤال #15
- (Exam Topic 2) Which statements best describe auto discovery VPN (ADVPN). (Choose two.)
A. It requires the use of dynamic routing protocols so that spokes can learn the routes to other spokes
B. ADVPN is only supported with IKEv2
C. Tunnels are negotiated dynamically between spokes
D. Every spoke requires a static tunnel to be configured to other spokes so that phase 1 and phase 2 proposals are defined in advance
عرض الإجابة
اجابة صحيحة: D
السؤال #16
- (Exam Topic 1) The exhibit shows the IPS sensor configuration. If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)
A. The sensor will allow attackers matching the NTP
B. The sensor will block all attacks aimed at Windows servers
C. The sensor will reset all connections that match these signatures
D. The sensor will gather a packet log for all matched traffic
عرض الإجابة
اجابة صحيحة: BD

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.