Marcos Avila
Quiz by , created more than 1 year ago

NSE4 6.0 NSE4 6.0 Quiz on Virtual Domains, created by Marcos Avila on 20/07/2018.

316
1
0
Marcos Avila
Created by Marcos Avila almost 6 years ago
Close

Virtual Domains

Question 1 of 16

1

Some system daemons, such as NTP and FortiGuard updates, generate traffic coming from FortiGate. All the VDOMs on a FortiGate device have assigned the role of the management VDOM. Traffic coming from FortiGate to those global services originates from the management VDOM. By default, the VDOM root acts as the management VDOM, but you can manually reassign this task to a different VDOM.

Select one of the following:

  • True
  • False

Explanation

Question 2 of 16

1

What traffic is always generated from the management VDOM?

Select one of the following:

  • a. Link Health Monitor

  • b. FortiGuard

Explanation

Question 3 of 16

1

Which of the following statements about the management VDOM is true?

Select one of the following:

  • a. It is root by default and cannot be changed.

  • b. It is root by default, but can be changed to any VDOM.

Explanation

Question 4 of 16

1

VDOM

Select one of the following:

  • Virtual Domain

  • Virtual Direct Main

Explanation

Question 5 of 16

1

Which type of administrator can make changes to all VDOMS?

Select one of the following:

  • a. A customer VDOM administrator

  • b. An administrator with the super_admin profile

Explanation

Question 6 of 16

1

Which of the following statements about VDOM administrators is true?

Select one of the following:

  • a. There can be only one administrator per VDOM.

  • b. Each VDOM can have multiple administrators.

Explanation

Question 7 of 16

1

Afiect all configured VDOMs: (Select 5)

Select one or more of the following:

  • Hostname

  • HA settings

  • FortiGuard settings

  • System time

  • Administrative accounts

  • IP Interface

  • Fortiguard account

  • Unit serial number

Explanation

Question 8 of 16

1

Configured separately, in each VDOM: (Select 5)

Select one or more of the following:

  • Operating mode (transparent, NAT/route)

  • Inspection mode (flow—based, proxy—based)

  • Routes and network interfaces

  • Firewall policies

  • Security profiles

  • Hostname

  • VPN

Explanation

Question 9 of 16

1

Which of the following configuration settings are global settings?

Select one of the following:

  • a. Firewall policies

  • b. FortiGuard settings

Explanation

Question 10 of 16

1

Which of the following configuration settings are per VDOM settings?

Select one of the following:

  • a. Host name

  • b. Inspection mode

Explanation

Question 11 of 16

1

Complete:

Note that similar to using inter—VLAN routing, Layer 3 must be involved-you cannot create an inter—VDOM link between Layer 2 transparent mode VDOMs.

Select one of the following:

  • At least one of the VDOMs must be operating in NAT mode. This, among other benefits, prevents potential Layer 2 loops.

  • At least one of the VDOMs must be operating in transparent mode. This, among other benefits, prevents potential Layer 2 loops.

Explanation

Question 12 of 16

1

For a FortiGate device with two NP4 or NP6 processors, there are two accelerated inter—VDOM links, each with two interfaces:

Select one of the following:

  • -npu0_vlink:
    npu0_vlink0
    npu0_vlink1

    -npu1_vlink:
    npu1_vlink0
    npu1_vlink1

  • asic0_vlink:
    npu0_vlink0
    npu0_vlink1
    asic1_vlink:
    npu1_vlink0
    npu1_vlink1

Explanation

Question 13 of 16

1

Which is a requirement for creating an inter—VDOM link between two VDOMs?

Select one of the following:

  • a. The inspection mode of at least one VDOM must be proxy based.

  • b. At least one of the VDOMs must be operating in NAT mode.

Explanation

Question 14 of 16

1

Which type of VDOM link requires that both sides of the link be in the same IP subnet?

Select one of the following:

  • a. NAT—to—transparent

  • b. NAT-to-NAT

Explanation

Question 15 of 16

1

Of these options, which one is a possible reason why an administrator might not be able to gain access to a specific VDOM?

Select one of the following:

  • a. The administrator is using an IP address not specified as a trusted host.

  • b. The administrat0r is using the Super_Admin profile.

Explanation

Question 16 of 16

1

Which troubleshooting tool is best suited when trying to verify the firewall policy used by an inter-VDOM link?

Select one of the following:

  • a. Sniffer trace

  • b. Packet flow trace

Explanation

Previous
Check answer
Next