Q1. - (Topic 3)
Which of the following describes the difference between the ban and quarantine actions?
A. A ban action prevents future transactions using the same protocol which triggered the ban. A qarantine action blocks all future transactions, regardless of the protocol.
B. A ban action blocks the transaction. A quarantine action archives the data.
C. A ban action has a finite duration. A quarantine action must be removed by an administrator.
D. A ban action is used for known users. A quarantine action is used for unknown users.
Answer: A
Q2. - (Topic 2)
Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.)
A. The FortiGate unit acts as transparent bridge and routes traffic using Layer-2 forwarding.
B. Ethernet packets are forwarded based on destination MAC addresses NOT IPs.
C. The device is transparent to network hosts.
D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network.
E. All interfaces must be on different IP subnets.
Answer: A,B,C,D
Q3. - (Topic 3)
A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root.
Which of the following items would an administrator logging in using this account NOT be able to configure?
A. Firewall addresses
B. DHCP servers
C. FortiGuard Distribution Network configuration
D. PPTP VPN configuration
Answer: C
Q4. - (Topic 1)
The command structure of the FortiGate CLI consists of commands, objects, branches, tables, and parameters. Which of the following items describes user?
A. A command.
B. An object.
C. A table.
D. A parameter.
Answer: B
Q5. - (Topic 1)
Which of the statements below are true regarding firewall policy disclaimers? (Select all that apply.)
A. User must accept the disclaimer to proceed with the authentication process.
B. The disclaimer page is customizable.
C. The disclaimer cannot be used in combination with user authentication.
D. The disclaimer can only be applied to wireless interfaces.
Answer: A,B
Q6. - (Topic 1)
The FortiGate Web Config provides a link to update the firmware in the System > Status window. Clicking this link will perform which of the following actions?
A. It will connect to the Fortinet support site where the appropriate firmware version can be selected.
B. It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
C. It will present a prompt to allow browsing to the location of the firmware file.
D. It will automatically connect to the Fortinet support site to download the most recent firmware version for the FortiGate unit.
Answer: C
Q7. - (Topic 3)
Which of the following statements correctly describes the deepscan option for HTTPS?
A. When deepscan is disabled, only the web server certificate is inspected; no decryption of content occurs.
B. Enabling deepscan will perform further checks on the server certificate.
C. Deepscan is only applicable to mail protocols, where all IP addresses in the header are checked.
D. With deepscan enabled, archived files will be decompressed before scanning for a more comprehensive file inspection.
Answer: A
Q8. - (Topic 2)
Data Leak Prevention archiving gives the ability to store files and message data onto a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.)
A. SNMP
B. IPSec
C. SMTP
D. POP3
E. HTTP
Answer: C,D,E
Q9. - (Topic 3)
What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a fully-meshed set of IPSec tunnels? (Select all that apply.)
A. Using a hub and spoke topology is required to achieve full redundancy.
B. Using a hub and spoke topology simplifies configuration.
C. Using a hub and spoke topology provides stronger encryption.
D. Using a hub and spoke topology reduces the number of tunnels.
Answer: B,D
Q10. - (Topic 3)
An administrator sets up a new FTP server on TCP port 2121. A FortiGate unit is located between the FTP clients and the server. The administrator has created a policy for TCP port 2121.
Users have been complaining that when downloading data they receive a 200 Port command successful message followed by a 425 Cannot build data connection message.
Which of the following statements represents the best solution to this problem?
A. Create a new session helper for the FTP service monitoring port 2121.
B. Enable the ANY service in the firewall policies for both incoming and outgoing traffic.
C. Place the client and server interface in the same zone and enable intra-zone traffic.
D. Disable any protection profiles being applied to FTP traffic.
Answer: A