لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
- (Exam Topic 1) An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)
A. The Detection Mode setting is not set to Passive
B. Administrator didn't configure a gateway for the SD-WAN members, or configured gateway is not valid
C. The configured participants are not SD-WAN members
D. The Enable probe packets setting is not enabled
عرض الإجابة
اجابة صحيحة: AC
السؤال #2
- (Exam Topic 1) Refer to the exhibit showing a debug flow output. Which two statements about the debug flow output are correct? (Choose two.)
A. The debug flow is of ICMP traffic
B. A firewall policy allowed the connection
C. A new traffic session is created
D. The default route is required to receive a reply
عرض الإجابة
اجابة صحيحة: D
السؤال #3
- (Exam Topic 2) If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?
A. IP address
B. Once Internet Service is selected, no other object can be added
C. User or User Group
D. FQDN address
عرض الإجابة
اجابة صحيحة: B
السؤال #4
- (Exam Topic 2) Which two statements are true about collector agent standard access mode? (Choose two.)
A. Standard mode uses Windows convention-NetBios: Domain\Username
B. Standard mode security profiles apply to organizational units (OU)
C. Standard mode security profiles apply to user groups
D. Standard access mode supports nested groups
عرض الإجابة
اجابة صحيحة: D
السؤال #5
- (Exam Topic 2) Which of the following statements about central NAT are true? (Choose two.)
A. IP tool references must be removed from existing firewall policies before enabling central NAT
B. Central NAT can be enabled or disabled from the CLI only
C. Source NAT, using central NAT, requires at least one central SNAT policy
D. Destination NAT, using central NAT, requires a VIP object as the destination address in a firewall
عرض الإجابة
اجابة صحيحة: AC
السؤال #6
- (Exam Topic 2) Examine the IPS sensor configuration shown in the exhibit, and then answer the question below. An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic. What is a possible reason for this?
A. The IPS filter is missing the Protocol: HTTPS option
B. The HTTPS signatures have not been added to the sensor
C. A DoS policy should be used, instead of an IPS sensor
D. A DoS policy should be used, instead of an IPS sensor
E. The firewall policy is not using a full SSL inspection profile
عرض الإجابة
اجابة صحيحة: CD
السؤال #7
- (Exam Topic 2) Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)
A. hard-timeout
B. auth-on-demand
C. soft-timeout
D. new-session
E. Idle-timeout
عرض الإجابة
اجابة صحيحة: AB
السؤال #8
- (Exam Topic 2) Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is enabled on all FortiGate devices?
A. Root VDOM
B. FG-traffic VDOM
C. Customer VDOM
D. Global VDOM
عرض الإجابة
اجابة صحيحة: AC
السؤال #9
- (Exam Topic 2) When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. remote user’s public IP address
B. The public IP address of the FortiGate device
C. The remote user’s virtual IP address
D. The internal IP address of the FortiGate device
عرض الإجابة
اجابة صحيحة: C
السؤال #10
- (Exam Topic 1) An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for detecting dead tunnels. The requirement is that FortiGate sends DPD probes only when no traffic is observed in the tunnel. Which DPD mode on FortiGate will meet the above requirement?
A. Disabled
B. On Demand
C. Enabled
D. On Idle
عرض الإجابة
اجابة صحيحة: C
السؤال #11
- (Exam Topic 2) Refer to the exhibit to view the application control profile. Users who use Apple FaceTime video conferences are unable to set up meetings. In this scenario, which statement is true?
A. Apple FaceTime belongs to the custom monitored filter
B. The category of Apple FaceTime is being monitored
C. Apple FaceTime belongs to the custom blocked filter
D. The category of Apple FaceTime is being blocked
عرض الإجابة
اجابة صحيحة: ABE
السؤال #12
- (Exam Topic 2) Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)
A. Shut down/reboot a downstream FortiGate device
B. Disable FortiAnalyzer logging for a downstream FortiGate device
C. Log in to a downstream FortiSwitch device
D. Ban or unban compromised hosts
عرض الإجابة
اجابة صحيحة: ABD
السؤال #13
- (Exam Topic 2) Examine this FortiGate configuration: How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?
A. It always authorizes the traffic without requiring authentication
B. It drops the traffic
C. It authenticates the traffic using the authentication scheme SCHEME2
D. It authenticates the traffic using the authentication scheme SCHEME1
عرض الإجابة
اجابة صحيحة: D
السؤال #14
- (Exam Topic 2) Refer to the exhibit, which contains a session diagnostic output. Which statement is true about the session diagnostic output?
A. The session is a UDP unidirectional state
B. The session is in TCP ESTABLISHED state
C. The session is a bidirectional UDP connection
D. The session is a bidirectional TCP connection
عرض الإجابة
اجابة صحيحة: AD

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.