918 お客様のコメント
質問 1:
A customer wants to integrate their on-premise FortiGate with their Azure infrastructure.
Which two components must be in place to configure the Azure Fabric connector? (Choose two.)
A. An outbound policy from the Azure FortiGate-VM virtual appliance.
B. An inbound policy from the Azure FortiGate-VM virtual appliance.
C. FortiGate-VM virtual appliance deployed on-premise.
D. A FortiGate-VM virtual appliance deployed in Azure.
正解:A,D
質問 2:
A company has just deployed a new FortiMail in gateway mode. The administrator is asked to strengthen e-mail protection by applying the policies shown below.
- E-mails can only be accepted if a valid e-mail account exists.
- Only authenticated users can send e-mails out
Which two actions will satisfy the requirements? (Choose two. )
A. Configure recipient address verification.
B. Configure access control rules.
C. Configure outbound recipient policies.
D. Configure inbound recipient policies.
正解:A,B
質問 3:
A company has just rolled out new remote sites and now you need to deploy a single firewall policy to all of these sites to allow Internet access using FortiManager. For this particular firewall policy, the source address object is called LAN, but its value will change according to the site the policy is being installed.
Which statement about creating the object LAN is correct?
A. Create a new object called LAN and use it as a variable on a TCL script.
B. Create a new object called LAN and set meta-fields per remote site.
C. Create a new object called LAN and promote it to the global database.
D. Create a new object called LAN and enable per-device mapping.
正解:D
質問 4:
You cannot the FortiGales default gateway 10.10.10 .1 from the FortiGate CLI. The FortiGate interface facing the default gateway is wan 1 and its IP address 10.10 .10 K74 During the troubleshooting, tests, you confirmed that you can plug other IP addresses in the 10.10.10. 0/24 subnet from the FortiGAte CLI without packets lost.
Which two CLI commands will help you to troubleshoot this problem? (Choose two.)
A. diagnose debug flow filter saddr 10.10.10.1
diagnose debug flow trace start 10
B. diagnose hardware deviceinfo nic wan1
C. diag sniffer packet wan1 'arp and host 10.10.10.1'
D. diagnose ip arp list
正解:A,D
質問 5:
You have a customer experiencing problem with a legacy L3L4 firewall device and IPV6 SIP VoIP traffic. They devices is dropping SIP packets, consequently, it process SIP voice calls. Which solution would solve the customer's problem?
A. Replace their legacy device with a FortiGate and deploy a FortiVoice to extract information from the body of the IPv6 SIP packet.
B. Replace their legacy device with a FortiGate and configure it to extract information from the body of the
IPv6 SIP packet.
C. Deploy a FortiVoice and enable IPv6 SIP.
D. Deploy a FortiVoice and enable an IPv6 SIP session helper.
正解:A
A customer wants to integrate their on-premise FortiGate with their Azure infrastructure.
Which two components must be in place to configure the Azure Fabric connector? (Choose two.)
A. An outbound policy from the Azure FortiGate-VM virtual appliance.
B. An inbound policy from the Azure FortiGate-VM virtual appliance.
C. FortiGate-VM virtual appliance deployed on-premise.
D. A FortiGate-VM virtual appliance deployed in Azure.
正解:A,D
質問 2:
A company has just deployed a new FortiMail in gateway mode. The administrator is asked to strengthen e-mail protection by applying the policies shown below.
- E-mails can only be accepted if a valid e-mail account exists.
- Only authenticated users can send e-mails out
Which two actions will satisfy the requirements? (Choose two. )
A. Configure recipient address verification.
B. Configure access control rules.
C. Configure outbound recipient policies.
D. Configure inbound recipient policies.
正解:A,B
質問 3:
A company has just rolled out new remote sites and now you need to deploy a single firewall policy to all of these sites to allow Internet access using FortiManager. For this particular firewall policy, the source address object is called LAN, but its value will change according to the site the policy is being installed.
Which statement about creating the object LAN is correct?
A. Create a new object called LAN and use it as a variable on a TCL script.
B. Create a new object called LAN and set meta-fields per remote site.
C. Create a new object called LAN and promote it to the global database.
D. Create a new object called LAN and enable per-device mapping.
正解:D
質問 4:
You cannot the FortiGales default gateway 10.10.10 .1 from the FortiGate CLI. The FortiGate interface facing the default gateway is wan 1 and its IP address 10.10 .10 K74 During the troubleshooting, tests, you confirmed that you can plug other IP addresses in the 10.10.10. 0/24 subnet from the FortiGAte CLI without packets lost.
Which two CLI commands will help you to troubleshoot this problem? (Choose two.)
A. diagnose debug flow filter saddr 10.10.10.1
diagnose debug flow trace start 10
B. diagnose hardware deviceinfo nic wan1
C. diag sniffer packet wan1 'arp and host 10.10.10.1'
D. diagnose ip arp list
正解:A,D
質問 5:
You have a customer experiencing problem with a legacy L3L4 firewall device and IPV6 SIP VoIP traffic. They devices is dropping SIP packets, consequently, it process SIP voice calls. Which solution would solve the customer's problem?
A. Replace their legacy device with a FortiGate and deploy a FortiVoice to extract information from the body of the IPv6 SIP packet.
B. Replace their legacy device with a FortiGate and configure it to extract information from the body of the
IPv6 SIP packet.
C. Deploy a FortiVoice and enable IPv6 SIP.
D. Deploy a FortiVoice and enable an IPv6 SIP session helper.
正解:A
佐藤** -
非常に質の良い問題集です。すごい高的中率です。独学で合格できました。心から感謝しております。