Fortinet NSE4_FGT-7.0 - Fortinet NSE 4 - FortiOS 7.0 Exam

Page:    1 / 22   
Total 106 questions

Which two statements about FortiGate FSSO agentless polling mode are true? (Choose two.)

  • A. FortiGate uses the AD server as the collector agent.
  • B. FortiGate uses the SMB protocol to read the event viewer logs from the DCs.
  • C. FortiGate does not support workstation check.
  • D. FortiGate directs the collector agent to use a remote LDAP server.


Answer : AB

Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732

FortiGuard categories can be overridden and defined in different categories. To create a web rating override for the example.com home page, the override must be configured using a specific syntax.
Which two syntaxes are correct to configure a web rating override for the home page? (Choose two.)

  • A. www.example.com
  • B. www.example.com/index.html
  • C. example.com
  • D. www.example.com:443


Answer : AC

When using FortiGuard category filtering to allow or block access to a website, one option is to make a web rating override and define the website in a different category. Web ratings are only for host names: "no URLs or wildcard characters are allowed".

Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).
Exhibit A.

Exhibit B.

Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

  • A. The flow-based inspection is used, which resets the last packet to the user.
  • B. The volume of traffic being inspected is too high for this model of FortiGate.
  • C. The firewall policy performs the full content inspection on the file.
  • D. The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.


Answer : A

Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)

  • A. FortiSandbox
  • B. FortiCloud
  • C. FortiSIEM
  • D. FortiCache
  • E. FortiAnalyzer


Answer : BCE

Reference: https://docs.fortinet.com/document/fortigate/6.0.0/handbook/265052/logging-and-reporting-overview

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

  • A. NetAPI polling can increase bandwidth usage in large networks.
  • B. The NetSessionEnum function is used to track user logouts.
  • C. The collector agent must search security event logs.
  • D. The collector agent uses a Windows API to query DCs for user logins.


Answer : A

Reference: https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD34906&sliceId=1&docTypeID=DT_KCARTICLE_1_1&dialogID=210966035&stateId=1%200%20210968009%27)
