10982674
Descripción
Test por Marcos Avila, actualizado hace más de 1 año
|
Creado por Marcos Avila
hace más de 6 años
|
|
Pregunta 1
Pregunta
What statement is true regarding the Policy Lookup feature?
Respuesta
-
Searches matching policy based on input criteria
-
Allows traffic to pass through FortiGate based on input criteria, even when there is no firewall policy allowing it
-
Enables extended logging on the firewall policy based on input criteria
-
Creates packet capture in Wireshark format based on input criteria
Pregunta 2
Pregunta
Which FortiGate interface does source device type enable device detection on?
Respuesta
-
Both source interface and destination interface of the firewall policy
-
All interfaces of FortiGate
-
Destination interface of the firewall policy only
-
Source interface of the firewall policy only
Pregunta 3
Pregunta
Which statements are true regarding device identification? (Choose two.)
Respuesta
-
Agent-based (FortiCIient) devices use the HTTP user-agent header to identify devices.
-
Agentless devices are indexed by their MAC address.
-
Agent-based (FortiCIient) devices are tracked by their FortiCIient unique ID
-
Only agent—based device identification techniques are supported.
Pregunta 4
Pregunta
Which statements correctly define Policy ID and policy Sequence number for firewall policies? (Choose two.)
Respuesta
-
A policy sequence number defines the order in which rules are processed.
-
A policy ID number is required to modify a firewall policy from the CLI.
-
A policy ID number changes when policies are re-ordered.
-
A policy sequence number reflects the number of objects used in the firewall policy.
Pregunta 5
Pregunta
Which statements are true regarding incoming and outgoing interfaces in firewall policies? (Choose two.)
Respuesta
-
Multiple interfaces can be selected as incoming and outgoing interfaces.
-
An incoming interface is mandatory in a firewall policy, but an outgoing interface is optional.
-
Only the any interface can be chosen as an incoming interface.
-
A zone can be chosen as the outgoing interface.
Pregunta 6
Pregunta
Examine the CLI configuration. What does this configuration do? (Choose two.)
config system setting
set ses—denied—traffic enable
end
Respuesta
-
It creates a session for traffic being denied.
-
It sends an alert notification to the administrator upon detecting denied traffic.
-
It reduces the amount of logs generated by denied traffic.
-
A log message will only generate if there is a security event.
Pregunta 7
Pregunta
What criteria does FortiGate use to match traffic to a firewall policy? (Choose two.)
Respuesta
-
Source and destination interfaces
-
Logging settings
-
Security profiles
-
Network services
Pregunta 8
Pregunta
Which statements are true regarding the By Sequence View for firewall policies? (Choose two.)
Respuesta
-
Does not show the source interface column
-
ls still available even when the any interface is being used in one or more firewall policies
-
Lists firewall policies primarily by their policy sequence number
-
ls disabled if any firewall policy has its status set to disable
Pregunta 9
Pregunta
What must be selected in the Source field of a firewall policy?
Respuesta
-
At least one source user or user group object
-
At least one address object
-
At least one device object
-
At least one source user, one source device, and one source address object
Pregunta 10
Pregunta
What statement is true regarding the Service setting in a firewall policy?
Respuesta
-
It is optional to add a service in a firewall policy.
-
It matches the traffic by port number.
-
Only one service object can be added to the firewall policy.
-
Administrators cannot create custom services objects.
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.