Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 2)
Review the configuration for FortiClient IPsec shown in the Exhibit below.
Which of the following statements is correct regarding this configuration?
A. The connecting VPN client will install a route to a destination corresponding to the STUDENT_INTERNAL address object
B. The connecting VPN client will install a default route
C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range
D. The connecting VPN client will connect in web portal mode and no route will be installed
Answer: A
Q2. - (Topic 1)
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ______ .
A. set order
B. edit policy
C. reorder
D. move
Answer: D
Q3. - (Topic 3)
Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
A. TCP connection
B. File attachments
C. Message headers
D. Message body
Answer: A
Q4. - (Topic 1)
Which of the following statements are true of the FortiGate unit’s factory default configuration?
A. ‘Port1’ or ‘Internal’ interface will have an IP of 192.168.1.99.
B. ‘Port1’ or ‘Internal’ interface will have a DHCP server set up and enabled (on devices that support DHCP Servers).
C. Default login will always be the username: admin (all lowercase) and no password.
D. The implicit firewall action is ACCEPT.
Answer: A,B,C
Q5. - (Topic 3)
In a High Availability configuration operating in Active-Active mode, which of the following correctly describes the path taken by a load-balanced HTTP session?
A. Request: Internal Host -> Master FG -> Slave FG -> Internet -> Web Server
B. Request: Internal Host -> Master FG -> Slave FG -> Master FG -> Internet -> Web Server
C. Request: Internal Host -> Slave FG -> Internet -> Web Server
D. Request: Internal Host -> Slave FG -> Master FG -> Internet -> Web Server
Answer: A
Q6. - (Topic 1)
Which of the following statements regarding Banned Words are correct? (Select all that apply.)
A. The FortiGate unit can scan web pages and email messages for instances of banned words.
B. When creating a banned word list, an administrator can indicate either specific words or patterns.
C. Banned words can be expressed as wildcards or regular expressions.
D. Content is automatically blocked if a single instance of a banned word appears.
E. The FortiGate unit includes a pre-defined library of common banned words.
Answer: A,B,C
Q7. - (Topic 1)
Which of the following email spam filtering features is NOT supported on a FortiGate unit?
A. Multipurpose Internet Mail Extensions (MIME) Header Check
B. HELO DNS Lookup
C. Greylisting
D. Banned Word
Answer: C
Q8. - (Topic 1)
The Idle Timeout setting on a FortiGate unit applies to which of the following?
A. Web browsing
B. FTP connections
C. User authentication
D. Administrator access
E. Web filtering overrides.
Answer: D