LAB 2 - Firewall Policies Quiz

Description

Fortigate Quiz on LAB 2 - Firewall Policies Quiz, created by Marcos Avila on 20/10/2017.
Marcos Avila
Quiz by Marcos Avila, updated more than 1 year ago
Marcos Avila
Created by Marcos Avila over 6 years ago
284
1

Resource summary

Question 1

Question
What statement is true regarding the Policy Lookup feature?
Answer
  • Searches matching policy based on input criteria
  • Allows traffic to pass through FortiGate based on input criteria, even when there is no firewall policy allowing it
  • Enables extended logging on the firewall policy based on input criteria
  • Creates packet capture in Wireshark format based on input criteria

Question 2

Question
Which FortiGate interface does source device type enable device detection on?
Answer
  • Both source interface and destination interface of the firewall policy
  • All interfaces of FortiGate
  • Destination interface of the firewall policy only
  • Source interface of the firewall policy only

Question 3

Question
Which statements are true regarding device identification? (Choose two.)
Answer
  • Agent-based (FortiCIient) devices use the HTTP user-agent header to identify devices.
  • Agentless devices are indexed by their MAC address.
  • Agent-based (FortiCIient) devices are tracked by their FortiCIient unique ID
  • Only agent—based device identification techniques are supported.

Question 4

Question
Which statements correctly define Policy ID and policy Sequence number for firewall policies? (Choose two.)
Answer
  • A policy sequence number defines the order in which rules are processed.
  • A policy ID number is required to modify a firewall policy from the CLI.
  • A policy ID number changes when policies are re-ordered.
  • A policy sequence number reflects the number of objects used in the firewall policy.

Question 5

Question
Which statements are true regarding incoming and outgoing interfaces in firewall policies? (Choose two.)
Answer
  • Multiple interfaces can be selected as incoming and outgoing interfaces.
  • An incoming interface is mandatory in a firewall policy, but an outgoing interface is optional.
  • Only the any interface can be chosen as an incoming interface.
  • A zone can be chosen as the outgoing interface.

Question 6

Question
Examine the CLI configuration. What does this configuration do? (Choose two.) config system setting set ses—denied—traffic enable end
Answer
  • It creates a session for traffic being denied.
  • It sends an alert notification to the administrator upon detecting denied traffic.
  • It reduces the amount of logs generated by denied traffic.
  • A log message will only generate if there is a security event.

Question 7

Question
What criteria does FortiGate use to match traffic to a firewall policy? (Choose two.)
Answer
  • Source and destination interfaces
  • Logging settings
  • Security profiles
  • Network services

Question 8

Question
Which statements are true regarding the By Sequence View for firewall policies? (Choose two.)
Answer
  • Does not show the source interface column
  • ls still available even when the any interface is being used in one or more firewall policies
  • Lists firewall policies primarily by their policy sequence number
  • ls disabled if any firewall policy has its status set to disable

Question 9

Question
What must be selected in the Source field of a firewall policy?
Answer
  • At least one source user or user group object
  • At least one address object
  • At least one device object
  • At least one source user, one source device, and one source address object

Question 10

Question
What statement is true regarding the Service setting in a firewall policy?
Answer
  • It is optional to add a service in a firewall policy.
  • It matches the traffic by port number.
  • Only one service object can be added to the firewall policy.
  • Administrators cannot create custom services objects.
Show full summary Hide full summary

Similar

Girls' and Boys' Education - A Mind Map_1
meriya77
French Tense Endings
James Hoyle
GROUPED DATA FREQUENCY TABLES: MODAL CLASS AND ESTIMATE OF MEAN
Elliot O'Leary
Religious Language
michellelung2008
ICT Key Terms Quiz - Part 1
Mr Mckinlay
A Christmas Carol Quotes
0serenityrose0
AP Psychology Practice Exam
Jacob Simmons
Topic 1 Quiz - Elements & The Periodic Table
Musicdudejoe
Examen II Salesforce Developer
Youssef Ahmani
1PR101 2.test - Část 17.
Nikola Truong
Pega CSSA 7.2 Dumps
Kavya Virupaksha