Which of the following are valid components of the Fortinet Server Authentication Extensions (FSAE)?
(Select all that apply.)
A. Domain Local Security Agent.
B. Domain Controller Agent.
C. Collector Agent.
D. Active Directory Agent.
E. User Authentication Agent.
正解:B,C
質問 2:
The eicar test virus is put into a zip archive, which is given the password of "Fortinet" in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows.
Exhibit A - Antivirus Profile:
Exhibit B - Non-default UTM Proxy Options Profile:
Exhibit C - DLP Profile:
Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol?
A. Only Exhibit A
B. Only Exhibit C with default UTM Proxy settings.
C. Only Exhibit C with non-default UTM Proxy settings (Exhibit B).
D. All of the Exhibits (A, B and C)
E. Only Exhibit B
正解:B
質問 3:
What methods can be used to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)
A. Code blocks
B. SMS phone message
C. FortiToken
D. Email
E. Browser pop-up window
正解:B,C,D
質問 4:
A network administrator needs to implement dynamic route redundancy between a FortiGate unit located in a remote office and a FortiGate unit located in the central office.
The remote office accesses central resources using IPSec VPN tunnels through two different Internet providers.
What is the best method for allowing the remote office access to the resources through the FortiGate unit used at the central office?
A. Use two or more policy-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces.
B. Use two or more route-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces.
C. Use route-based VPNs on the central office FortiGate unit to advertise routes with a dynamic routing protocol and use a policy-based VPN on the remote office with two or more static default routes.
D. Dynamic routing protocols cannot be used over IPSec VPN tunnels.
正解:B
質問 5:
Which two statements are true regarding firewall policy disclaimers? (Choose two.)
A. They can only be applied to wireless interfaces.
B. The disclaimer page is customizable.
C. Users must accept the disclaimer to continue.
D. They cannot be used in combination with user authentication.
正解:B,C
質問 6:
Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)
A. Directory Service
B. Local
C. PKI
D. Firewall
E. LDAP
正解:A,D
質問 7:
What are valid options for handling DNS requests sent directly to a FortiGates interface IP? (Choose three.)
A. Forward-only.
B. Iterative.
C. Conditional-forward.
D. Recursive.
E. Non-recursive.
正解:A,D,E
Kobayashi -
まず、落ちることはないと思います。Pass4Testさん、感謝です。素晴らしいNSE4-5.4対策書です。同僚にお勧めしました。ありがとうございました。