Copy and Edit

SSL-VPN

Description

NSE4 6.0 NSE4 6.0 Quiz on SSL-VPN, created by Marcos Avila on 13/09/2018.
Marcos Avila
Quiz by Marcos Avila, updated more than 1 year ago
Marcos Avila
Created by Marcos Avila almost 7 years ago
468
1
0
1 2 3 4 5 (0)

Resource summary

Question 1

Question
La mayoria de las VPNs son SSL o IPsec, FortiOS soporta ambas, incluso las mas debiles en seguridad como PPTP.
Answer
  • True
  • False

Question 2

Question
SSL resides higher upon the network stack than IP and; therefore, it usually requires less bits—less bandwidth—for SSL-VPN headers.
Answer
  • True
  • False

Question 3

Question
lPsec uses some special protocols. The primary protocol is ESP, which encapsulates and encrypts UDP, RDP, HTTP, or other protocols that are inside in the lPsec tunnel.
Answer
  • True
  • False

Question 4

Question
?
Image:
Ssl (binary/octet-stream)
Answer
  • SSL-VPN
  • IPsec VPN

Question 5

Question
?
Image:
Ipsec (binary/octet-stream)
Answer
  • SSL
  • IPsec

Question 6

Question
What does a VPN do?
Answer
  • A. Extends a private network across a public network
  • B. Protects a network from external attacks

Question 7

Question
Which statements about lPsec and SSL VPNs are true?
Answer
  • A. Either an SSL-VPN or an lPsec VPN can be established between two FortiGate devices.
  • B. Either an SSL-VPN or an lPsec VPN can be established between an end-user workstation and a FortiGate device.

Question 8

Question
SSL - VPN deployment modes
Answer
  • Tunnel mode Web mode
  • Web tunnel mode

Question 9

Question
Requires only a web browser Supports a limited number of protocols: - Citrix, FTP, HTTP/HTTPS, Port Forward, RDP, SMB/CIFS, SSH, Telnet, VNC, and Ping
Answer
  • Tunnel mode
  • Web mode

Question 10

Question
Accessed through a standalone client Requires a virtual adapter on the client’s host
Answer
  • Tunnel mode
  • Web mode

Question 11

Question
Web access is the simplest SSL-VPN mode.
Answer
  • True
  • False

Question 12

Question
All traffic routes through an SSL-VPN tunnel to a remote FortiGate, then to the destination. This includes Internet traffic. An egress firewall policy is required. Traffic inspection and security features are applied.
Answer
  • Split tunneling disabled
  • Split tunneling enabled

Question 13

Question
Only traffic destined for the private network is routed through the remote FortiGate. Internet traffic uses the local gateway; unencrypted route. Conserves bandwidth and alleviates bottlenecks.
Answer
  • Split tunneling disable
  • Split tunneling enabled

Question 14

Question
A web-mode SSL-VPN user connects to a remote web server. What’s the source IP address of the HTTP request the web server receives?
Answer
  • A. The remote user's IP address
  • B. The FortiGate device's internal IP address

Question 15

Question
Which statements about tunnel-mode SSL-VPN are correct?
Answer
  • A. It supports split tunneling.
  • B. It requires a bookmarks.

Question 16

Question
A web-mode SSL-VPN user accesses internal network resources by using :
Answer
  • A. Bookmarks
  • B. FortiClient

Question 17

Question
Which of the following steps is necessary to configure SSL-VPN connections?
Answer
  • A. Create firewall policies to and from the SSL-VPN interface.
  • B. Enable event logs for SSL-VPN traffic: users, VPN, and endpoints.

Question 18

Question
What action may allow Internet access to SSL-VPN users in tunnel mode if the remote network does not have Internet access?
Answer
  • A. Enable split tunneling
  • B. Configure the DNS server to use the same as the client’s system DNS.

Question 19

Question
?
Image:
Realms (binary/octet-stream)
Answer
  • SSL-VPN Realms
  • SSL-VPN Personal bookmarks

Question 20

Question
Which statement about SSL-VPN realms is correct?
Answer
  • A. Allow access to different SSL-VPN portals by user groups.
  • B. Allow unlimited concurrent SSL-VPN users.

Question 21

Question
Which FortiGate interface allows administrators to create user-specific bookmarks?
Answer
  • A. Command line interface (CLI)
  • B. Graphical user interface (GUI)

Question 22

Question
Why is it necessary to run a client integrity check (host—chec k)?
Answer
  • A. To check whether specific security software is running on SSL-VPN users’ computers
  • B. To check whether a specific security certificate is running on SSL-VPN users’ web browsers

Question 23

Question
Which security action restricts SSL-VPN connections from users located in a specific country or region?
Answer
  • A. Restricting hosts by MAC address
  • B. Restricting hosts by IP address

Question 24

Question
To view the status of SSL-VPN acceleration, use the following command:
Answer
  • get vpn status ssl hw-acceleration-status
  • get vpn ssl status hw-acceleration

Question 25

Question
What does the SSL-VPN monitor feature allow you to do?
Answer
  • A. Monitor SSL-VPN user actions, such as authentication.
  • B. Force SSL-VPN user disconnections.

Question 26

Question
Which statements about SSL-VPN timers are correct?
Answer
  • A. SSL-VPN timers can avoid logouts when SSL-VPN users experience long network latency.
  • B. The login timeout is a non-customizable hard value.
Show full summary Hide full summary

0 comments

There are no comments, be the first and leave one below:

Want to create your own Quizzes for free with GoConqr? Learn more.

Similar

AS Psychology Unit 1 - Memory
Asterisked
Mapas mentales con ExamTime
julii.perci
GCSE AQA Biology 2 Cells & Diffusion
Lilac Potato
5 Tips for motivating your students
Jen Molte
GCSE Combined Science
Derek Cumberbatch
Factores Humanos en la Aviación
Adriana Forero
MICROSOFT WORD 2013 SKILLS FOR WORK
John O'Driscoll
Repaso Revalida PR 2016
Rodrigo Lopez
SFDC App Builder 1 (1-25)
Connie Woolard
ОБЖ2
хомяк убийца
Browse Library