لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
The device exchanges routes using IBGP. Which two statements are correct about the IBGP configuration and routing information on the device? (Choose two.)
A. Each BGP route is three hops away from the destination
B. ibgp-multipath is disabled
C. additional-path is enabled
D. You can run the get router info routing-table database command to display the additional paths
عرض الإجابة
اجابة صحيحة: C
السؤال #2
In the default SD-WAN minimum configuration, which two statements are correct when traffic matches the default implicit SD-WAN rule? (Choose two )
A. Traffic has matched none of the FortiGate policy routes
B. Matched traffic failed RPF and was caught by the rule
C. The FIB lookup resolved interface was the SD-WAN interface
D. An absolute SD-WAN rule was defined and matched traffic
عرض الإجابة
اجابة صحيحة: A
السؤال #3
What are two reasons why FortiGate would be unable to complete the zero-touch provisioning process? (Choose two.)
A. The FortiGate cloud key has not been added to the FortiGate cloud portal
B. FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager
C. The zero-touch provisioning process has completed internally, behind FortiGate
D. FortiGate has obtained a configuration from the platform template in FortiGate cloud
E. A factory reset performed on FortiGate
عرض الإجابة
اجابة صحيحة: A
السؤال #4
Which two statements about the status of the VPN tunnel are true?
A. There are separate virtual interfaces for each dial-up client
B. VPN static routes are prevented from populating the FortiGate routing table
C. FortiGate created a single IPsec virtual interface that is shared by all clients
D. 100
عرض الإجابة
اجابة صحيحة: A
السؤال #5
Which components make up the secure SD-WAN solution?
A. Application, antivirus, and URL, and SSL inspection
B. Datacenter, branch offices, and public cloud
C. FortiGate, FortiManager, FortiAnalyzer, and FortiDeploy
D. Telephone, ISDN, and telecom network
عرض الإجابة
اجابة صحيحة: C
السؤال #6
Refer to the exhibits. Exhibit A - Exhibit B - Exhibit A shows the traffic shaping policy and exhibit B shows the firewall policy. The administrator wants FortiGate to limit the bandwidth used by YouTube. When testing, the administrator determines that FortiGate does not apply traffic shaping on YouTube traffic. Based on the policies shown in the exhibits, what configuration change must be made so FortiGate performs traffic shaping on YouTube traffic?
A. Destination internet service must be enabled on the traffic shaping policy
B. Application control must be enabled on the firewall policy
C. Web filtering must be enabled on the firewall policy
D. Individual SD-WAN members must be selected as the outgoing interface on the traffic shaping policy
عرض الإجابة
اجابة صحيحة: B
السؤال #7
FortiGate has multiple dial-up VPN interfaces incoming on port1 that match only FIRST_VPN. Which two configuration changes must be made to both IPsec VPN interfaces to allow incoming connections to match all possible IPsec dial-up interfaces? (Choose two.)
A. Specify a unique peer ID for each dial-up VPN interface
B. Use different proposals are used between the interfaces
C. Configure the IKE mode to be aggressive mode
D. Use unique Diffie Hellman groups on each VPN interface
عرض الإجابة
اجابة صحيحة: A
السؤال #8
Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?
A. The type of traffic defined and allowed on firewall policy ID 1 is UDP
B. FortiGate has terminated the session after a change on policy ID 1
C. Changes have been made on firewall policy ID 1 on FortiGate
D. Firewall policy ID 1 has source NAT disabled
عرض الإجابة
اجابة صحيحة: C
السؤال #9
Refer to the exhibits. Exhibit A - Exhibit B - Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt. Exhibit B shows the system global and system settings configuration on dc1_fgt. When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferred member in the matching SD-WAN rule. Based on the information shown in the exhibits, what configurati
A. Enable auxiliary-session under config system settings
B. Disable t?p-session-without-syn under config system settings
C. Enable snat-route-change under config system global
D. Disable allow-subnet-overlap under config system settings
عرض الإجابة
اجابة صحيحة: A
السؤال #10
Refer to the exhibits. Exhibit A - Exhibit B - Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SDw-WAN mwember stwatus, the. roVuting taCble, andE the perpformalnceu SLA stsatus. .io If port2 is detected dead by FortiGate, what is the expected behavior?
A. Port2 becomes alive after three successful probes are detected
B. FortiGate removes all static routes for port2
C. The administrator manually restores the static routes for port2, if port2 becomes alive
D. Host 8
عرض الإجابة
اجابة صحيحة: B
السؤال #11
Refer to the exhibit, which shows the IPsec phase 1 configuration of a spoke. What must you configure on the IPsec phase 1 configuration for ADVPN to work with SD-WAN?
A. You must set ike-version to 1
B. You must enable net-device
C. You must enable auto-discovery-sender
D. You must disable idle-timeout
عرض الإجابة
اجابة صحيحة: B
السؤال #12
In a hub-and-spoke topology, what are two advantages of enabling ADVPN on the IPsec overlays? (Choose two.)
A. It provides the benefits of a full-mesh topology in a hub-and-spoke network
B. It provides direct connectivity between spokes by creating shortcuts
C. It enables spokes to bypass the hub during shortcut negotiation
D. It enables spokes to establish shortcuts to third-party gateways
عرض الإجابة
اجابة صحيحة: A
السؤال #13
Based on the output shown in the exhibit, which two criteria on the SD-WAN member configuration can be used to select an outgoing interface in an SD-WAN rule? (Choose two.)
A. Set priority 10
B. Set cost 15
C. Set load-balance-mode source-ip-ip-based
D. Set source 100
عرض الإجابة
اجابة صحيحة: A
السؤال #14
Which algorithm does SD-WAN use to distribute traffic that does not match any of the SD-WAN rules?
A. All traffic from a source IP to a destination IP is sent to the same interface
B. All traffic from a source IP is sent to the same interface
C. All traffic from a source IP is sent to the most used interface
D. All traffic from a source IP to a destination IP is sent to the least used interface
عرض الإجابة
اجابة صحيحة: A
السؤال #15
Which two statements describe how IPsec phase 1 main mode is different from aggressive mode when performing IKE negotiation? (Choose two )
A. A peer ID is included in the first packet from the initiator, along with suggested security policies
B. XAuth is enabled as an additional level of authentication, which requires a username and password
C. A total of six packets are exchanged between an initiator and a responder instead of three packets
D. The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance
عرض الإجابة
اجابة صحيحة: B
السؤال #16
What is the lnkmtd process responsible for?
A. Monitoring links for any bandwidth saturation
B. Processing performance SLA probes
C. Flushing route tags addresses
D. Logging interface quality information
عرض الإجابة
اجابة صحيحة: D
السؤال #17
What are two reasons for using FortiManager to organize and manage the network for a group of FortiGate devices? (Choose two )
A. It simplifies the deployment and administration of SD-WAN on managed FortiGate devices
B. It improves SD-WAN performance on the managed FortiGate devices
C. It sends probe signals as health checks to the beacon servers on behalf of FortiGate
D. It acts as a policy compliance entity to review all managed FortiGate devices
E. It reduces WAN usage on FortiGate devices by acting as a local FortiGuard server
عرض الإجابة
اجابة صحيحة: A
السؤال #18
Which are three key routing principles in SD-WAN? (Choose three.)
A. FortiGate performs route lookups for new sessions only
B. Regular policy routes have precedence over SD-WAN rules
C. SD-WAN rules have precedence over ISDB routes
D. By default, SD-WAN members are skipped if they do not have a valid route to the destination
E. By default, SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member
عرض الإجابة
اجابة صحيحة: B

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.