الكويزات QUIZ - ملتقى فيصل » FCNSA كوكيز اسئلة

الكويز

FCNSA كوكيز اسئلة
[أسئلة اختبار - Fortinet Certified Network Security Administrato - 222]
Fortinet Certified Network Security Administrato (V5)

عدد الأسئلة: 8

- بعد إنهاء حل الكويز يمكنك تحميله بصيغة PDF.
- سوف تحصل على نقطة إضافية في التقييم عن كل إجابة صحيحة.

1) An administrator wants to assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?

A. Enable a set of unique UTM profiles under "Edit User Group".

B. The administrator must enable the UTM profiles in an identity-based policy applicable to the user group.

C. When defining the UTM objects, the administrator must list the user groups which will use the UTM object.

D. The administrator must apply the UTM features directly to a user object.

2) When firewall policy authentication is enabled, only traffic on supported protocols will trigger an authentication challenge.

SMTP

SSH

HTTP SSH

SCP

3) A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. Which one of the following statements is correct regarding the use of web-only mode SSL VPN?

A. Web-only mode supports SSL version 3 only.

B. A Fortinet-supplied plug-in is required on the web client to use web-only mode SSL VPN.

C. Web-only mode requires the user to have a web browser that supports 64-bit cipher length.

D. The JAVA run-time environment must be installed on the client to be able to connect to a webonly mode SSL VPN.

4) A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

A. Split tunneling can be enabled when using tunnel mode SSL VPN.

B. Client software is required to be able to use a tunnel mode SSL VPN.

C. Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy.

D. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

A.B.C.D

5) In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks. Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.)

A. Create firewall policies to control traffic between the IP source and destination address.

B. Configure the appropriate user groups on the FortiGate units to allow users access to the IPSec VPN connection.

C. Set the operating mode of the FortiGate unit to IPSec VPN mode.

D. Define the Phase 2 parameters that the FortiGate unit needs to create a VPN tunnel with the remote peer.

E. Define the Phase 1 parameters that the FortiGate unit needs to authenticate the remote peers.

Answer: A,D,E

6) How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?

A. A static route must be configured by the administrator using the ssl.root interface as the outgoing interface.

B. Assignment of an IP address to the client causes a host route to be added to the FortiGate unit’s kernel routing table.

C. A route back to the SSLVPN IP pool is automatically created on the FortiGate unit.

D. The FortiGate unit adds a route based upon the destination address in the SSL VPN firewall policy.

7) An end user logs into the full-access SSL VPN portal and selects the Tunnel Mode option by clicking on the “Connect” button. The administrator has enabled split tunneling. Given that the user authenticates against the SSL VPN policy shown in the image below, which statement below identifies the route that is added to the client’s routing table.

A. A route to destination matching the ‘WIN2K3’ address object.

B. A route to the destination matching the ‘all’ address object.

C. A default route.

D. No route is added.

8) Which of the following antivirus and attack definition update options are supported by FortiGate units? (Select all that apply.)

A. Manual update by downloading the signatures from the support site.

B. Pull updates from the FortiGate device

C. Push updates from the FortiGuard Distribution Network.

D. ”update-AV/AS” command from the CLI

Answer: A,B,C

المواضيع والمشاركات في الملتقى تمثل اصحابها.
يوجد في الملتقى تطوير وبرمجيات خاصة حقوقها خاصة بالملتقى
ملتزمون بحذف اي مادة فيها انتهاك للحقوق الفكرية بشرط مراسلتنا من مالك المادة او وكيل عنه