Q1. Which command detects where a routing path is broken?
A. exec traceroute <destination>
B. exec route ping <destination>
C. diag route null
D. diag debug route <destination>
Answer: A
Q2. Which Fortinet product is used for antispam protection?
A. FortiSwitch
B. FortiGate
C. FortiWeb
D. FortiDB
Answer: B
Q3. Referring to the exhibit, users are reporting that their FortiFones ring, but when they pick up, they cannot hear each other. The FortiFones use SIP to communicate with the SIP Proxy Server and RTP between the phones.
Which configuration change will resolve the problem?
A.
B.
C.
D.
Answer: C
Explanation:
References: http://docs.fortinet.com/uploaded/files/2813/fortigate-sip-54.pdf
Q4. Your marketing department uncompressed and executed a file that the whole department received using Skype.
Reviewing the exhibit, which two details do you determine from your initial analysis of the payload?
A. The payload contains strings that the malware is monitoring to harvest credentials.
B. This is a type of Trojan that will download and pirate movies using your Netflix credentials.
C. This type of threat is a DDoS attack using instant messaging to send e-mails to further spread the infection.
D. This threat payload is uploading private user videos which are then used to extort Bitcoin payments.
Answer: B
Q5. A customer is authenticating users using a FortiGate and an external LDAP server. The LDAP user, John Smith, cannot authenticate. The administrator runs the debug command diagnose debug application fnbamd 255 while John Smith attempts the authentication:
Based on the output shown in the exhibit, what is causing the problem?
A. The LDAP administrator password in the FortiGate configuration is incorrect.
B. The user, John Smith, does have an account in the LDAP server.
C. The user, John Smith, does not belong to any allowed user group.
D. The user, John Smith, is using an incorrect password.
Answer: A
Explanation:
The FortiGate could not bind to the LDAP server because authentication failed.
Q6. Referring to the configuration shown in the exhibit, which three statements are true? (Choose three.)
A. Traffic logging is disabled in policy 96.
B. TCP handshake is completed and no FIN/RST has been forwarded.
C. No packet has hit this session in the last five minutes.
D. No QoS is applied to this traffic.
E. The traffic goes through a VIP applied to policy 96.
Answer: B,C,E
Explanation:
References: http://kb.fortinet.com/kb/viewContent.do?externalId=FD30042
Q7. Your company uses a cluster of two FortiGate 3600C units in active-passive mode to protect the corporate network. The FortiGate cluster sends its logs to a FortiAnalyzer and you have configured scheduled weekly reports for the Internet bandwidth usage of each corporate VLAN. During a scheduled maintenance window, you make a series of configuration changes. When the next FortiAnalyzer weekly report is generated, you notice that Internet bandwidth usage reported by the FortiAnalyzer is far less than expected.
What is the reason for this discrepancy?
A. You applied an antivirus profile on some of the policies, and no traffic can be accelerated.
B. You disabled all security profiles on some of the firewall policies, and the traffic matching those policies is now accelerated.
C. You enabled HA session-pickup, which in turn disabled session accounting.
D. You changed from active-passive to active-active, causing the session traffic counters to become inaccurate.
Answer: D
Explanation:
Because of active-active failover, traffic is segregated across the units, which reduces the bandwidth utilization.
Q8. You want to enable traffic between 2001:db8:1::/64 and 2001:db8:2::/64 over the public IPv4 Internet.
Given the CLI configuration shown in the exhibit, which two additional settings are required on this device to implement tunneling for the IPv6 transition? (Choose two.)
A. IPv4 firewall policies to allow traffic between the local and remote IPv6 subnets.
B. IPv6 static route to the destination phase2 destination subnet.
C. IPv4 static route to the destination phase2 destination subnet.
D. IPv6 firewall policies to allow traffic between the local and remote IPv6 subnets.
Answer: B,D
Explanation:
References: http://docs.fortinet.com/uploaded/files/1969/IPv6%20Handbook%20for%20FortiOS%205.2.pdf
Q9. Given the following FortiOS 5.2 commands:
Which vulnerability is being addressed when managing FortiGate through an encrypted management protocol?
A. Remote Exploit Vulnerability in Bash (ShellShock)
B. Information Disclosure Vulnerability in OpenSSL (Heartbleed)
C. SSL v3 POODLE Vulnerability
D. SSL/TLS MITM vulnerability (CVE-2014-0224)
Answer: C
Explanation:
References: http://kb.fortinet.com/kb/documentLink.do?externalID=FD36913
Q10. A customer wants to install a FortiSandbox device to identify suspicious files received by an e-mail server. All the incoming e-mail traffic to the e-mail server uses the SMTPS protocol.
Which three solutions would be implemented? (Choose three.)
A. FortiGate device in transparent mode sending the suspicious files to the FortiSandbox
B. FortiSandbox in sniffer input mode
C. FortiMail device in gateway mode using the built-in MTA and sending the suspicious files to the FortiSandbox
D. FortiMail device in transparent mode acting as an SMTP proxy sending the suspicious files to the FortiSandbox
E. FortiGate device in NAT mode sending the suspicious files to the FortiSandbox
Answer: B,C,E
Explanation:
References: http://kb.fortinet.com/kb/documentLink.do?externalID=FD34371
Q11. You are asked to write a FortiAnalyzer report that lists the session that has consumed the most bandwidth. You are required to include the source IP, destination IP, application, application category, hostname, and total bandwidth consumed.
Which dataset meets these requirements?
A. select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce(‘recbyte “, 0)) as bandwidth from $log where $filter LIMIT 1
B. select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce(‘recbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
C. select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce(‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
D. select from_itime(itime) as timestamp, sourceip, destip, app, appcat, hostname, sum(coalesce(‘sentbyte’, 0)+coalesce(‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
Answer: C
Explanation:
References: http://docs.fortinet.com/uploaded/files/2617/fortianalyzer-5.2.4-dataset-reference.pdf
Q12. Your FortiGate has multiple CPUs. You want to verify the load for each CPU. Which two commands will accomplish this task? (Choose two.)
A. get system performance status
B. diag system mpstat
C. diag system cpu stat
D. diag system top
Answer: A,D
Explanation:
References: http://kb.fortinet.com/kb/documentLink.do?externalID=13825
Q13. You are an administrator of FortiGate devices that use FortiManager for central management. You need to add a policy on an ADOM, but upon selecting the ADOM drop-down list, you notice that the ADOM is in a locked state. Workflow mode is enabled on your FortiManager to define approval or notification workflow when creating and installing policy changes.
What caused this problem?
A. Another administrator has locked the ADOM and is currently working on it.
B. There is pending approval waiting from a previous modification.
C. You need to use set workspace-mode workflow on the CLI.
D. You have read-only permission on Workflow Approve in the administrator profile.
Answer: D
Explanation:
http://docs.fortinet.com/uploaded/files/2250/FortiManager-5.2.1-Administration-Guide.pdf
Q14. The SECOPS team in your company has started a new project to store all logging data in a disaster recovery center. All FortiGates will log to a secondary FortiAnalyzer and establish a TCP session to send logs to the syslog server.
Which two configurations will achieve this goal? (Choose two.)
A.
B.
C.
D.
Answer: A,C
Explanation:
https://forum.fortinet.com/tm.aspx?m=122848
Q15. The exhibit shows an LDAP server configuration in a FortiGate device.
The LDAP user, John Smith, has the following LDAP attributes:
John Smith’s LDAP password is ABC123.
Which CLI command should you use to test the LDAP authentication using John Smith’s credentials?
A. diagnose test authserver ldap Lab jsmith ABC123
B. diagnose test authserver ldap-direct Lab jsmith ABC123
C. diagnose test authserver ldap Lab ‘John Smith’ ABC123
D. diagnose test authserver ldap-direct Lab john ABC123
Answer: A
Explanation:
References: https://forum.fortinet.com/tm.aspx?m=119178
Q16. You are asked to implement a wireless network for a conference center and need to provision a high number of access points to support a large number of wireless client connections.
Which statement describes a valid solution for this requirement?
A. Use a captive portal for guest access. Use both 2.4 GHz and 5 GHz bands. Enable frequency and access point hand-off. Use more channels, thereby supporting more clients.
B. Use an open wireless network with no portal. Use both 2.4 GHz and 5 GHz bands. Use 802.11ac capable access points and configure channel bonding to support greater throughput for wireless clients.
C. Use a pre-shared key only for wireless client security. Use the 5 GHz band only for greater security. Use 802.11ac capable access points and configure channel bonding to support greater throughput for wireless clients.
D. Use a captive portal for guest access. Use both the 2.4 GHz and 5 GHz bands, and configure frequency steering. Configure rogue access point detection in order to automatically control the transmit power of each AP.
Answer: D