Q1. - (Topic 1)
Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.)
A. When the system has reached its capacity for log messages, the FortiGate unit will stop logging to memory.
B. When the system has reached its capacity for log messages, the FortiGate unit overwrites the oldest messages.
C. If the FortiGate unit is reset or loses power, log entries captured to memory will be lost.
D. None of the above.
Answer: B,C
Q2. - (Topic 3)
You are the administrator in charge of a FortiGate unit which acts as a VPN gateway. You have chosen to use Interface Mode when configuring the VPN tunnel and you want users from either side to be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate unit already has a default route.
Which of the following configuration steps are required to achieve these objectives? (Select all that apply.)
A. Create one firewall policy.
B. Create two firewall policies.
C. Add a route for the remote subnet.
D. Add a route for incoming traffic.
E. Create a phase 1 definition.
F. Create a phase 2 definition.
Answer: B,C,E,F
Q3. - (Topic 1)
Caching improves performance by reducing FortiGate unit requests to the FortiGuard server.
Which of the following statements are correct regarding the caching of FortiGuard responses? (Select all that apply.)
A. Caching is available for web filtering, antispam, and IPS requests.
B. The cache uses a small portion of the FortiGate system memory.
C. When the cache is full, the least recently used IP address or URL is deleted from the cache.
D. An administrator can configure the number of seconds to store information in the cache before the FortiGate unit contacts the FortiGuard server again.
E. The size of the cache will increase to accomodate any number of cached queries.
Answer: B,C,D
Q4. - (Topic 1)
A FortiGate AntiVirus profile can be configured to scan for viruses on SMTP, FTP, POP3, and SMB protocols using which inspection mode?
A. Proxy
B. DNS
C. Flow-based
D. Man-in-the-middle
Answer: C
Q5. - (Topic 3)
What advantages are there in using a fully Meshed IPSec VPN configuration instead of a hub and spoke set of IPSec tunnels?
A. Using a hub and spoke topology is required to achieve full redundancy.
B. Using a full mesh topology simplifies configuration.
C. Using a full mesh topology provides stronger encryption.
D. Full mesh topology is the most fault-tolerant configuration.
Answer: D
Q6. - (Topic 1)
What are the valid sub-types for a Firewall type policy? (Select all that apply)
A. Device Identity
B. Address
C. User Identity
D. Schedule
E. SSL VPN
Answer: A,B,C
Q7. - (Topic 3)
Which of the following report templates must be used when scheduling report generation?
A. Layout Template
B. Data Filter Template
C. Output Template
D. Chart Template
Answer: A
Q8. - (Topic 1)
Examine the firewall configuration shown below; then answer the question following it.
Which of the following statements are correct based on the firewall configuration illustrated in the exhibit? (Select all that apply.)
A. A user can access the Internet using only the protocols that are supported by user authentication.
B. A user can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP. These require authentication before the user will be allowed access.
C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access any services.
D. A user cannot access the Internet using any protocols unless the user has passed firewall authentication.
Answer: A,D
Q9. - (Topic 1)
SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL-encrypted website?
A. The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user's workstation.
B. Disable the strict server certificate check in the web browser under Internet Options.
C. Enable transparent proxy mode on the FortiGate unit.
D. Enable NTLM authentication on the FortiGate unit. NTLM authentication suppresses the certificate warning messages in the web browser.
Answer: A
Q10. - (Topic 1)
Which of the following network protocols are supported for administrative access to a FortiGate unit?
A. HTTPS, HTTP, SSH, TELNET, PING, SNMP
B. FTP, HTTPS, NNTP, TCP, WINS
C. HTTP, NNTP, SMTP, DHCP
D. Telnet, FTP, RLOGIN, HTTP, HTTPS, DDNS
E. Telnet, UDP, NNTP, SMTP
Answer: A