869 お客様のコメント
質問 1:
When backing up the configuration file on a FortiGate unit, the contents can be encrypted by enabling the encrypt option and supplying a password.
If the password is forgotten, the configuration file can still be restored using which of the following methods?
A. Sending the configuration file to Fortinet Support for decryption.
B. If the password is forgotten, there is no way to use the file.
C. Selecting the recover password option during the restore process.
D. Having the password emailed to the administrative user by selecting the Forgot Password option.
正解:B
質問 2:
Which spam filter is not available on a FortiGate device?
A. Spam grey listing
B. Email addresses included in the body of known SPAM messages.
C. Sender IP reputation database
D. Spam object checksums
E. URLs included in the body of known SPAM messages.
正解:A
質問 3:
Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choices below. (Select all that apply.) config ips sensor edit "LINUX_SERVER" set comment '' set replacemsg-group '' set log enable config entries edit 1 set action default set application all set location server
set log enable
set log-packet enable
set os Linux
set protocol all
set quarantine none
set severity all
set status default
next
end
next
end
A. The sensor will reset all connections that match these signatures.
B. The sensor will include a PCAP file with a trace of the matching packets in the log message of any matched signature.
C. The sensor only filters which IPS signatures to apply to the selected firewall policy.
D. The sensor will match all traffic from the address object "LINUX_SERVER".
E. The sensor will log all server attacks for all operating systems.
正解:B,C
質問 4:
Which of the following are valid authentication user group types on a FortiGate unit?
(Select all that apply.)
A. Directory Service
B. Local
C. PKI
D. Firewall
E. LDAP
正解:A,D
質問 5:
In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks.
Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.)
A. Set the operating mode of the FortiGate unit to IPSec VPN mode.
B. Define the Phase 2 parameters that the FortiGate unit needs to create a VPN tunnel with the remote peer.
C. Create firewall policies to control traffic between the IP source and destination address.
D. Define the Phase 1 parameters that the FortiGate unit needs to authenticate the remote peers.
E. Configure the appropriate user groups on the FortiGate units to allow users access to the IPSec VPN connection.
正解:B,C,D
質問 6:
A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit.
Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit?
A. The FortiGate unit is being treated as a syslog device and is only permitted to send log data.
B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator.
C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges.
D. The FortiGate unit is considered an unregistered device.
正解:D
質問 7:
Selecting Create New, as shown in the exhibit, will result in what?
A. A new policy in the policy package.
B. A clone of the policy package.
C. A new policy folder.
D. A new policy package.
正解:A
質問 8:
Which statements are true regarding content archiving, also known as Data Leak Prevention (DLP) archiving? (Choose two.)
A. The DLP engine examines email, FTP, NNTP, and web traffic.
B. Allows full and summary archiving.
C. The default behavior is to do full archiving.
D. It is configured globally for all policies.
正解:A,B
質問 9:
Which of the following statements are correct regarding URL filtering on the FortiGate unit?
(Select all that apply.)
A. Any URL accessible by a web browser can be blocked using URL Filtering.
B. The allowed actions for URL Filtering are Allow and Block.
C. The FortiGate unit can filter URLs based on patterns using text and regular expressions.
D. Multiple URL Filter lists can be added to a single protection profile.
E. The allowed actions for URL Filtering include Allow, Block and Exempt.
正解:C,E
When backing up the configuration file on a FortiGate unit, the contents can be encrypted by enabling the encrypt option and supplying a password.
If the password is forgotten, the configuration file can still be restored using which of the following methods?
A. Sending the configuration file to Fortinet Support for decryption.
B. If the password is forgotten, there is no way to use the file.
C. Selecting the recover password option during the restore process.
D. Having the password emailed to the administrative user by selecting the Forgot Password option.
正解:B
質問 2:
Which spam filter is not available on a FortiGate device?
A. Spam grey listing
B. Email addresses included in the body of known SPAM messages.
C. Sender IP reputation database
D. Spam object checksums
E. URLs included in the body of known SPAM messages.
正解:A
質問 3:
Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choices below. (Select all that apply.) config ips sensor edit "LINUX_SERVER" set comment '' set replacemsg-group '' set log enable config entries edit 1 set action default set application all set location server
set log enable
set log-packet enable
set os Linux
set protocol all
set quarantine none
set severity all
set status default
next
end
next
end
A. The sensor will reset all connections that match these signatures.
B. The sensor will include a PCAP file with a trace of the matching packets in the log message of any matched signature.
C. The sensor only filters which IPS signatures to apply to the selected firewall policy.
D. The sensor will match all traffic from the address object "LINUX_SERVER".
E. The sensor will log all server attacks for all operating systems.
正解:B,C
質問 4:
Which of the following are valid authentication user group types on a FortiGate unit?
(Select all that apply.)
A. Directory Service
B. Local
C. PKI
D. Firewall
E. LDAP
正解:A,D
質問 5:
In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks.
Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.)
A. Set the operating mode of the FortiGate unit to IPSec VPN mode.
B. Define the Phase 2 parameters that the FortiGate unit needs to create a VPN tunnel with the remote peer.
C. Create firewall policies to control traffic between the IP source and destination address.
D. Define the Phase 1 parameters that the FortiGate unit needs to authenticate the remote peers.
E. Configure the appropriate user groups on the FortiGate units to allow users access to the IPSec VPN connection.
正解:B,C,D
質問 6:
A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit.
Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit?
A. The FortiGate unit is being treated as a syslog device and is only permitted to send log data.
B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator.
C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges.
D. The FortiGate unit is considered an unregistered device.
正解:D
質問 7:
Selecting Create New, as shown in the exhibit, will result in what?
A. A new policy in the policy package.
B. A clone of the policy package.
C. A new policy folder.
D. A new policy package.
正解:A
質問 8:
Which statements are true regarding content archiving, also known as Data Leak Prevention (DLP) archiving? (Choose two.)
A. The DLP engine examines email, FTP, NNTP, and web traffic.
B. Allows full and summary archiving.
C. The default behavior is to do full archiving.
D. It is configured globally for all policies.
正解:A,B
質問 9:
Which of the following statements are correct regarding URL filtering on the FortiGate unit?
(Select all that apply.)
A. Any URL accessible by a web browser can be blocked using URL Filtering.
B. The allowed actions for URL Filtering are Allow and Block.
C. The FortiGate unit can filter URLs based on patterns using text and regular expressions.
D. Multiple URL Filter lists can be added to a single protection profile.
E. The allowed actions for URL Filtering include Allow, Block and Exempt.
正解:C,E
小笠** -
NSE5問題集の内容はわかりやすく、本番試験にも役に立ちました。一回目の試験にFortinetの商品を選択して良かった。合格ぅぅ!!