لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
Examine the following partial outputs from two routing debug commands; then answer the question below. # get router info kernel tab=254 vf=0 scope=0type=1 proto=11 prio=0 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.1.254 dev=2(port1) tab=254 vf=0 scope=0type=1 proto=11 prio=10 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.2.254 dev=3(port2) tab=254 vf=0 scope=253type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/.->10.0.1.0/24 pref=10.0.1.254 gwy=0.0.0.0 dev=4(port3) # get router info routing-table all s
A. port!
B. port2
C. Both portl and port2
D. port3
عرض الإجابة
اجابة صحيحة: AD
السؤال #2
A corporate network allows Internet Access to FSSO users only. The FSSO user student does not have Internet access after successfully logged into the Windows AD network. The output of the ‘diagnose debug authd fsso list’ command does not show student as an active FSSO user. Other FSSO users can access the Internet without problems. What should the administrator check? (Choose two.)
A. The user student must not be listed in the CA’s ignore user list
B. The user student must belong to one or more of the monitored user groups
C. The student workstation’s IP subnet must be listed in the CA’s trusted list
D. At least one of the student’s user groups must be allowed by a FortiGate firewall policy
عرض الإجابة
اجابة صحيحة: C
السؤال #3
Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?
A. Group ID
B. Group name
C. Session pickup
D. Gratuitous ARPs
عرض الإجابة
اجابة صحيحة: AD
السؤال #4
An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this prob
A. TCP half open
B. TCP half close
C. TCP time wait
D. TCP session time to live
عرض الإجابة
اجابة صحيحة: D
السؤال #5
The CLI command set intelligent-mode controls the IPS engine’s adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?
A. Determines the optimal number of IPS engines required based on system load
B. Downloads signatures on demand from FDS based on scanning requirements
C. Determines when it is secure enough to stop scanning session traffic
D. Choose a matching algorithm based on available memory and the type of inspection being performed
عرض الإجابة
اجابة صحيحة: AD
السؤال #6
Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?
A. Diagnose debug application radius -1
B. Diagnose debug application fnbamd -1
C. Diagnose authd console –log enable
D. Diagnose radius console –log enable
عرض الإجابة
اجابة صحيحة: C
السؤال #7
View the IPS exit log, and then answer the question below. # diagnose test application ipsmonitor 3 ipsengine exit log” pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017 code = 11, reason: manual What is the status of IPS on this FortiGate?
A. IPS engine memory consumption has exceeded the model-specific predefined value
B. IPS daemon experienced a crash
C. There are communication problems between the IPS engine and the management database
D. All IPS-related features have been disabled in FortiGate’s configuration
عرض الإجابة
اجابة صحيحة: B
السؤال #8
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. Which statements about this debug output are correct? (Choose two.)
A. The remote gateway IP address is 10
B. It shows a phase 1 negotiation
C. The negotiation is using AES128 encryption with CBC hash
D. The initiator has provided remote as its IPsec peer ID
عرض الإجابة
اجابة صحيحة: AC
السؤال #9
Which statement about NGFW policy-based application filtering is true?
A. After the application has been identified, the kernel uses only the Layer 4 header to match the traffic
B. The IPS security profile is the only security option you can apply to the security policy with the action set to ACCEPT
C. After IPS identifies the application, it adds an entry to a dynamic ISDB table
D. FortiGate will drop all packets until the application can be identified
عرض الإجابة
اجابة صحيحة: CD
السؤال #10
View the exhibit, which contains the output of a BGP debug command, and then answer the question below. Which of the following statements about the exhibit are true? (Choose two.)
A. For the peer 10
B. The local BGP peer has received a total of three BGP prefixes
C. Since the BGP counters were last reset, the BGP peer 10
D. The local BGP peer has not established a TCP session to the BGP peer 10
عرض الإجابة
اجابة صحيحة: C
السؤال #11
Refer to the exhibit, which shows a session entry. Which statement about this session is true?
A. It is an ICMP session from 10
B. It is a TCP session in close_wait state, from 10
C. 10
D. It is an ICMP session from 10
E. It is a TCP session in the established state, from 10
عرض الإجابة
اجابة صحيحة: A
السؤال #12
Which two statements about FortiManager is true when it is deployed as a local FDS? (Choose two.)
A. It caches available firmware updates for unmanaged devices
B. It can be configured as an update server, or a rating server, but not both
C. It supports rating requests from both managed and unmanaged devices
D. It provides VM license validation services
عرض الإجابة
اجابة صحيحة: B
السؤال #13
Examine the following partial outputs from two routing debug commands; then answer the question below: Why the default route using port2 is not displayed in the output of the second command?
A. It has a lower priority than the default route using port1
B. It has a higher priority than the default route using port1
C. It has a higher distance than the default route using port1
D. It is disabled in the FortiGate configuration
عرض الإجابة
اجابة صحيحة: A
السؤال #14
What is the purpose of an internal segmentation firewall (ISFW)?
A. It inspects incoming traffic to protect services in the corporate DMZ
B. It is the first line of defense at the network perimeter
C. It splits the network into multiple security segments to minimize the impact of breaches
D. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network
عرض الإجابة
اجابة صحيحة: AD
السؤال #15
Refer to the exhibit, which contains the output of a BGP debug command. Which statement about the exhibit is true?
A. The local router has received a total of three BGP prefixes from all peers
B. The local router has not established a TCP session with 100
C. Since the counters were last reset, the 10
D. The local router BGP state is OpenConfirm with the 10
عرض الإجابة
اجابة صحيحة: AC
السؤال #16
View the exhibit, which contains the output of a web diagnose command, and then answer the question below. Which one of the following statements explains why the cache statistics are all zeros?
A. The administrator has reallocated the cache memory to a separate process
B. There are no users making web requests
C. The FortiGuard web filter cache is disabled in the FortiGate’s configuration
D. FortiGate is using a flow-based web filter and the cache applies only to proxy-based inspection
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: