• No results found

QUESTION: 1 Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "QUESTION: 1 Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

Fortinet - FCNSA

Fortinet Certified Network Security Administrator

QUESTION: 1

Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.) A. Firewall B. Directory Service C. Local D. LDAP E. PKI Answer(s): A, B, C, E Explanation: Page 43 of http://docs.fortinet.com/fgt/handbook/40mr2/fortigate-authentication-40-mr2.pdf QUESTION: 2

Which of the following statements regarding Banned Words are correct? (Select all that apply.) A. The FortiGate unit can scan web pages and email messages for instances of banned words. B. When creating a banned word list, an administrator can indicate either specific words or patterns.

C. Banned words can be expressed as wildcards or regular expressions.

D. Content is automatically blocked if a single instance of a banned word appears. E. The FortiGate unit includes a pre-defined library of common banned words. Answer(s): A, B, C

Explanation:

http://www.scribd.com/doc/18579283/Spam-Filter

QUESTION: 3

When creating administrative users, the assigned____________________ determines user rights on the FortiGate unit.

(2)

http://docs.google.com/viewer?a=v&q=cache:avlu2Gqf9qIJ:docs.fortinet.com/fgt/handbook/40mr 3/fortigatecompliance-40-mr3.pdf+When+creating+administrative+users,+the+assigned+access+profile+determines +user+rights+on+the+FortiGate+unit&hl=en&gl=in&pid=bl&srcid=ADGEESgzqoPFOBdM9MpF0T_ MOTAa2iAy7fVLPgvTWlD1IsVczJt98supddW_9qMLxyBsnvU0ijR1dPFSfbQM08eEB00SlxAph3laJ3u mkC52FvxEoVWk2hWj3UZbnJWYUKEau3_XCmp&sig=AHIEtbT4PD_bWjKNqs1FfExl-40Yf4nANg QUESTION: 4

If a FortiGate unit has a dmz interface IP address of 210.192.168.2 with a subnet mask of 255.255.255.0, what is a valid dmz DHCP accessing range?

A. 172.168.0.1-172.168.0.10 B. 210.192.168.3-210.192.168.10 C. 210.192.168.1 - 210.192.168.4 D. All of the above

Answer(s): C

QUESTION: 5

Which of the following items represent the minimum configuration steps an administrator must perform to enable Data Leak Prevention from flowing through the FortiGate unit? (Select all that apply.)

A. Assign a DLP sensor in a firewall policy.

B. Apply one or more DLP rules to a firewall policy.

C. Enable DLP globally using the config sys dip command in the CU. D. Define one or more DLP rules.

E. Define a DLP sensor.

F. Apply a DLP sensor to a DoS sensor policy. Answer(s): ABDE

Explanation:

http://www.scribd.com/doc/49908929/147/Data-leak-prevention

QUESTION: 6

A FortiGate 60 unit is configured for your small office. The DMZ interface is connected to a network containing a web server and email server. The Internal interface is connected to a network

(3)

You want to configure firewall policies so that your users can send and receive email messages to the email server on the DMZ network. You also want the email server to be able to retrieve email messages from an email server hosted by your ISP using the POP3 protocol.

Which policies must be created for this communication? (Select all that apply.) A. Internal > DMZ B. DMZ > internal C. Internal > WAN1 D. WAN1 > Internal E. DMZ>WAN1 F. WAN1 >DMZ Answer(s): A, E QUESTION: 7

Which of the following components are contained in all FortiGate units from the FG50 models and up? (Select all that apply.)

A. FortiASIC content processor. B. Hard Drive.

C. Gigabit network interfaces. D. Serial console pat.

Answer(s): A Explanation: http://docs.google.com/viewer?a=v&q=cache:RI3HhvLJMsMJ:www.btc-networks.com/fileadmin/adminksa/products_downloads/Fortigate_50_100DS.pdf+FortiGate+unit s+from+FG50+models+and+up&hl=en&gl=in&pid=bl&srcid=ADGEESg3rlrC6VoxpVI090uXBMgBA6 UbECbfM_50bbDUZKwTj-MO8PYgz_DW952gByowpgTeq2oDsgFTeXgxAH9JAVwLgMSzq2LGfxCesKyGm4wdy8gLYb9vHSoJhI a1dOFpu3P8dsP&sig=AHIEtbTJlo7a-HbSnwVTEO0_kKfJZGWqFA QUESTION: 8

In which order are firewall policies processed on the FortiGate unit? A. They are processed from the top down as they appear in Web Config.

B. They are processed based on the policy ID number shown in the left hand column of the policy window.

(4)

Answer(s): A Explanation:

http://docs.fortinet.com/fgt/archives/3.0/techdocs/FortiGate_Administration_Guide_01-30006-0203-20080313.pdf

QUESTION: 9

A FortiGate unit can scan for viruses on which types of network traffic? (Select all that apply.) A. POP3. B. FTP. C. SMTP. D. SNMP. E. NetBios. Answer(s): A, B, C http://docs.fortinet.com/fgt/handbook/40mr3/fortigate-utm-40-mr3.pdf QUESTION: 10

Which of the following are valid components of the Fortinet Server Authentication Extensions (FSAE)? (Select all that apply.)

A. Domain Local Security Agent. B. Collector Agent.

C. Active Directory Agent. D. User Authentication Agent. E. Domain Controller Agent. Answer(s): B, E

http://docs.fortinet.com/fgt/archives/3.0/techdocs/FortiGate_Administration_Guide_01-30006-0203-20080313.pdf

QUESTION: 11

Caching improves performance by reducing FortiGate unit requests to the FortiGuard server. Which of the following statements are correct regarding the caching of FortiGuard responses? (Select all that apply.)

A. Caching is available for web filtering, antispam, and IP5 requests. B. The cache uses a small portion of the FortiGate system memory.

(5)

D. An administrator can configure the number of seconds to store information in the cache before the FortiGate unit contacts the FortiGuerd server again.

E. The size of the cache will increase to accommodate any number of cached queries. Answer(s): B, C, D Explanation: http://docs.google.com/viewer?a=v&q=cache:-wnbrLL__EAJ:www.fortigate.be/Files/2.80/ V2.80_FortiGuard_25_June_2004.pdf+Caching+in+FortiGate+unit+When+the+cache+is+full,+the+le ast+recently+used+IP+address+or+URL+is+deleted+from+the+cache&hl=en&gl=in&pid=bl&srcid= ADGEESg9GwwuUb7lwzvKr7DUA9stG3sMxGIli3M9m8QESUcIuLZpx3gg_xiVOn_kC0yB52Hr-EHzaV4NTBqeC9FM8O5QMAsI8je83HmR_kqaDnu3JiEK8jvkQcKgTjXucX_J1ve5GSn_&sig=AHIEtbQi CeCZI4NNQAdWr6Jsvw2mQpYy1w QUESTION: 12

Which of the following items does NOT support the Logging feature? A. File Filter

B. Application control C. Session timeouts D. Administrator activities E. Web URL filtering Answer(s): C Explanation:

Page 43 of http://docs.fortinet.com/fgt/handbook/40mr2/fortigate-loggingreporting-40-mr2.pdf Log settings provide the information that the FortiGate unit needs so that it knows what activities to record. This topic explains what activity each log file records, as well as additional information about the log file, which will help you determine what FortiGate activity the FortiGate unit should record.

This topic includes the following: • Traffic

• Event

References

Download now ( PDF - 5 Page - 318.51 KB )

Related documents

TECHNICAL AND VOCATIONAL EDUCATION AND TRAINING (TVET) SYSTEM\ IN INDIA FOR SUSTAINABLE DEVELOPMENT

National Conference on Technical Vocational Education, Training and Skills Development: A Roadmap for Empowerment (Dec. 2008): Ministry of Human Resource Development, Department

Report by the Executive Director Residents Services and the Director of Customer Services

4.1 The Select Committee is asked to consider the proposed development of the Customer Service Function, the recommended service delivery option and the investment required8. It

Do commuters suffer from job-education mismatch?

Results suggest that the probability of under-educated employment is higher among low skilled recent migrants and that the over-education risk is higher among high skilled

Prevalence, survival analysis and multimorbidity of chronic diseases in the general veterinarian-attended horse population of the UK

Using text mining of first-opinion electronic medical records from seven veterinary practices around the UK, Kaplan-Meier and Cox proportional hazard modelling, we were able to

BODIPY as building blocks for Near InfraRed-Active Organic Compounds

In this PhD thesis new organic NIR materials (both π-conjugated polymers and small molecules) based on α,β-unsubstituted meso-positioning thienyl BODIPY have been

PERSONAL RECORD BOOK. Construction Craft Worker

• Follow up with your employer each reporting period to ensure your hours are reported on a regular basis?. • Discuss your progress with

Liminal Space in Architecture- Threshold and Transition

The threshold into the stadium is through a series of layers which delaminate from the geometry of the field to the geometry of the city and creates zones of separation,

Proprietary Schools Licensed in Louisiana

Proprietary Schools are referred to as those classified nonpublic, which sell or offer for sale mostly post- secondary instruction which leads to an occupation..