Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
A. File attachments
B. Message headers
C. TCP connection
D. Message body
正解:C
質問 2:
In HA, what is the effect of the Disconnect Cluster Member command as given in the Exhibit.
A. Port3 is configured with an IP address for management access.
B. The Firewall rules are purged on the disconnected unit.
C. The HA mode changes to standalone.
D. All other interface IP settings are maintained.
正解:A,C
質問 3:
The diag sys session list command is executed in the CLI. The output of this command is shown in the exhibit.
Based on the output from this command, which of the following statements is correct?
A. This session matches a firewall policy with ID 5.
B. This is a UDP session.
C. This traffic has been authenticated.
D. Traffic shaping is being applied to this session.
E. This is an ICMP session.
正解:D
質問 4:
Which of the following statements is correct about configuring web filtering overrides?
A. Admin overrides require an administrator to manually allow pending override requests which are listed in the Override Monitor.
B. The Override option for FortiGuard Web Filtering is available for any user group type.
C. The Override Scopes of User and User Group are only for use when Firewall Policy Authentication is also being used.
D. Using Web Filtering Overrides requires the use of Firewall Policy Authentication.
正解:C
質問 5:
A network administrator needs to implement dynamic route redundancy between a FortiGate unit located in a remote office and a FortiGate unit located in the central office.
The remote office accesses central resources using IPSec VPN tunnels through two different Internet providers.
What is the best method for allowing the remote office access to the resources through the FortiGate unit used at the central office?
A. Use two or more policy-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces.
B. Use two or more route-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces.
C. Use route-based VPNs on the central office FortiGate unit to advertise routes with a dynamic routing protocol and use a policy-based VPN on the remote office with two or more static default routes.
D. Dynamic routing protocols cannot be used over IPSec VPN tunnels.
正解:B
質問 6:
Which of the following statements are correct regarding virtual domains (VDOMs)? (Select all that apply.)
A. A management VDOM handles SNMP, logging, alert email, and FDN-based updates.
B. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units.
C. VDOMs share firmware versions, as well as antivirus and IPS databases.
D. Only administrative users with a 'super_admin' profile will be able to enter multiple VDOMs to make configuration changes.
正解:A,B,C
質問 7:
In the Tunnel Mode widget of the web portal, the administrator has configured an IP Pool and enabled split tunneling.
Which of the following statements is true about the IP address used by the SSL VPN client?
A. The IP pool specified in the SSL-VPN Tunnel Mode Widget Options will override the IP address range defined in the SSL-VPN Settings.
B. The IP address range specified in SSL-VPN Settings will override the IP address range in the SSL-VPN Tunnel Mode Widget Options.
C. Because split tunneling is enabled, no IP address needs to be assigned for the SSL VPN tunnel to be established.
正解:A
質問 8:
Which of the following Session TTL values will take precedence?
A. Session TTL specified at the system level for that port number
B. Session TTL specified in the matching firewall policy
C. The default session TTL specified at the system level
D. Session TTL dictated by the application control list associated with the matching firewall policy
正解:D
質問 9:
An administrator is examining the attack logs and notices the following entry:
device_id=FG100A3907508962 log_id=18432 subtype=anomaly type=ips timestamp=1270017358 pri=alert itime=1270017893 severity=critical src=192.168.1.52 dst=64.64.64.64 src_int=internal serial=0 status=clear_session proto=6 service=http vd=root count=1 src_port=35094 dst_port=80 attack_id=100663402 sensor=protect-servers ref=http://www.fortinet.com/ids/VID100663402 msg="anomaly: tcp_src_session, 2 > threshold 1" policyid=0 carrier_ep=N/A profile=N/A dst_int=N/A user=N/A group=N/A
Based solely upon this log message, which of the following statements is correct?
A. This attack was launched against the FortiGate unit itself rather than a host behind the FortiGate unit.
B. This attack was blocked by the HTTP protocol decoder.
C. This attack was caught by the DoS sensor "protect-servers".
D. The number of concurrent connections to destination IP address 64.64.64.64 has exceeded the configured threshold.
正解:C
緑川** -
仕事が忙しいので、試験に準備する時間が足りない。でも、FCNSPのPDF版問題集を購入して、電車の中で勉強できる。二週間に勉強して、試験に高い点数で合格しました!ありがとうございました!