Q1. - (Topic 4)
The FortiGate port1 is connected to the Internet. The FortiGate port2 is connected to the internal network. Examine the firewall configuration shown in the exhibit; then answer the question below.
Based on the firewall configuration illustrated in the exhibit, which statement is correct?
A. A user that has not authenticated can access the Internet using any protocol that does not trigger an authentication challenge.
B. A user that has not authenticated can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP.
C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access all Internet services.
D. DNS Internet access is always allowed, even for users that has not authenticated.
Answer: D
Q2. - (Topic 1)
Which statements are true regarding the factory default configuration? (Choose three.)
A. The default web filtering profile is applied to the first firewall policy.
B. The ‘Port1’ or ‘Internal’ interface has the IP address 192.168.1.99.
C. The implicit firewall policy action is ACCEPT.
D. The ‘Port1’ or ‘Internal’ interface has a DHCP server set up and enabled (on device models that support DHCP servers).
E. Default login uses the username: admin (all lowercase) and no password.
Answer: B,D,E
Q3. - (Topic 1)
What methods can be used to access the FortiGate CLI? (Choose two.)
A. Using SNMP.
B. A direct connection to the serial console port.
C. Using the CLI console widget in the GUI.
D. Using RCP.
Answer: B,C
Q4. - (Topic 16)
Review the IPS sensor filter configuration shown in the exhibit
Based on the information in the exhibit, which statements are correct regarding the filter? (Choose two.)
A. It does not log attacks targeting Linux servers.
B. It matches all traffic to Linux servers.
C. Its action will block traffic matching these signatures.
D. It only takes effect when the sensor is applied to a policy.
Answer: C,D
Q5. - (Topic 3)
Which firewall objects can be included in the Destination Address field of a firewall policy? (Choose three.)
A. IP address pool.
B. Virtual IP address.
C. IP address.
D. IP address group.
E. MAC address.
Answer: B,C,D
Q6. - (Topic 17)
With FSSO, a domain user could authenticate either against the domain controller running the collector agent and domain controller agent, or a domain controller running only the domain controller agent.
If you attempt to authenticate with a domain controller running only the domain controller agent, which statements are correct? (Choose two.)
A. The login event is sent to the collector agent.
B. The FortiGate receives the user information directly from the receiving domain controller agent of the secondary domain controller.
C. The domain collector agent may perform a DNS lookup for the authenticated client's IP address.
D. The user cannot be authenticated with the FortiGate in this manner because each domain controller agent requires a dedicated collector agent.
Answer: A,C
Q7. - (Topic 19)
For data leak prevention, which statement describes the difference between the block and
quarantine actions?
A. A block action prevents the transaction. A quarantine action blocks all future transactions, regardless of the protocol.
B. A block action prevents the transaction. A quarantine action archives the data.
C. A block action has a finite duration. A quarantine action must be removed by an administrator.
D. A block action is used for known users. A quarantine action is used for unknown users.
Answer: A
Q8. - (Topic 11)
In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate operating in NAT/Route mode, when searching for a suitable gateway?
A. A lookup is done only when the first packet coming from the client (SYN) arrives.
B. A lookup is done when the first packet coming from the client (SYN) arrives, and a second one is performed when the first packet coming from the server (SYN/ACK) arrives.
C. Three lookups are done during the TCP 3-way handshake (SYN, SYN/ACK, ACK).
D. A lookup is always done each time a packet arrives, from either the server or the client side.
Answer: B
Q9. - (Topic 7)
Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)
A. Manual update by downloading the signatures from the support site.
B. Pull updates from the FortiGate.
C. Push updates from a FortiAnalyzer.
D. execute fortiguard-AV-AS command from the CLI.
Answer: A,B
Q10. - (Topic 4)
What methods can be used to deliver the token code to a user that is configured to use two-factor authentication? (Choose three.)
A. Browser pop-up window.
B. FortiToken.
C. Email.
D. Code books.
E. SMS phone message.
Answer: B,C,E