FCA - Operator Exam Q's

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

How does an IPS protect networks from threats?

By analyzing traffic and identifying potential threats

How are websites filtered using FortiGuard category filters?

By blocking access based on the website content

What are some of the features provided by IPSec VPNs?

Data authentication and data integrity

What is a recommended best practice when configuring Secure Socket Layer Virtual Private Network (SSL VPN)?

Use the principle of least privilege.

How does FortiGate handle blocked websites in web filtering using FortiGuard category filters?

Users are redirected to a replacement message indicating the website is blocked.

To avoid certificate errors, which field settings must be included in a Secure Sockets Layer (SSL) certificate issued by a certificate authority (CA)?

basicConstraints: CA:TRUE and keyUsage: keyCertSign

What functionality does FortiGate provide to establish secure connections between a main office and its remote branches, over the internet?

VPNs

Which inspection mode examines traffic as a whole before determining an action?

Proxy based

Why is it important to back up FortiGate system configurations regularly?

To save time and effort in case of a hardware failure

Which two additional features and settings can you apply to traffic after it is accepted by a firewall policy? (Choose two.)

Antivirus Scanning and

When configuring antivirus scanning on a firewall policy, which antivirus item should you select?

Antivirus profile

Which scan technique detects known malware by matching signatures in the FortiGuard Labs database?

Antivirus scan

Which two steps are involved in configuring web filtering based on FortiGuard category filters? (Choose two.)

Apply the web filter security profile to the appropriate firewall policy AND Create a web filtering security profile using FortiGuard category-based filters.

Excluding the steps for tuning the sensors, what is the last step involved in configuring IPS on FortiGate?

Applying the sensor to a firewall policy

What is a scenario where automation is used in the Fortinet Security Fabric?

Automatically quarantining a computer with malicious activity

What are two reasons why FortiGate Secure Socket Layer Virtual Private Network (SSL VPN) is considered cost-effective compared to other vendors? (Choose two.)

Because it does not require an additional license. Because the number of remote users is determined by the model.

How does FortiGate application control address evasion techniques used by peer-to-peer protocols?

By monitoring traffic for known patterns

How can administrators track successful authentication attempts in FortiGate?

By reviewing the logs and dashboards

What is the recommended process to configure FortiGate for remote authentication for user identification?

Create a user group, map authenticated remote users to the group, and configure a firewall policy with the user group as the source.

What is the potential security risk associated with Hypertext Transfer Protocol Secure (HTTPS)?

Encrypted malicious traffic

What are two activities that cybercriminals can perform using malware? (Choose two.)

Extort Money and Steal Intellectual Property

Which inspection mode processes and forwards each packet, without waiting for the complete file or web page?

Flow-based inspection

Which two options can you use for centralized logging when you configure the Fortinet Security Fabric? (Choose two.)

FortiAnalyzer and FortiGate Cloud

What causes a web browser to display a certificate warning when using Secure Sockets Layer (SSL) deep inspection with the FortiGate CA certificate?

FortiGate is using a CA that is not trusted by the web browser.

When upgrading the FortiGate firmware, why is it important to follow the recommended upgrade path?

It ensures the compatibility and stability of the device.

What is the security rating in the Fortinet Security Fabric, and how is it calculated?

It is a numerical value based on device settings and best practices.

You need to examine the logs related to local users watching YouTube videos. Where can you find those logs?

Log and Report > Security Events > Application Control

What are two consequences of allowing a FortiGate license to expire? (Choose two.)

Loss of access to software updates and technical support and

Which actions can you apply to application categories in the Application Control profile?

Monitor, allow, block, or quarantine

What is the main advantage of using Secure Socket Layer Virtual Private Network (SSL VPN) in web mode?

No need to install client software

In addition to central processing unit (CPU) and memory usage, what are two other key performance parameters you should monitor on FortiGate? (Choose two.)

Number of SSL sessions Number of active VPN tunnels

In which architecture is the need to control application traffic becoming increasingly relevant?

Peer-to-peer architecture

What are two benefits of performing regular maintenance on FortiGate firewalls? (Choose two.)

Prevent security breaches in your organization and Meet

Why is Secure Socket Layer (SSL) inspection necessary for the intrusion prevention system (IPS) to detect threats in encrypted traffic?

SSL inspection allows the IPS to detect and analyze encrypted threats.

How do you configure an internet service as the destination in a firewall policy?

Select the service from the ISDB.

When configuring a static route on FortiGate, what does the destination represent?

The network or host to which traffic will be forwarded

What is the purpose of firewall policies on FortiGate?

To control network traffic

Why is the order of firewall policies important?

To ensure more granular policies are checked and applied before more general policies

What is the purpose of the FortiGuard Labs signature database?

To keep FortiGate firewalls protected against the latest malware variants

What are two reasons why organizations and individuals use web filtering? (Choose two.)

To prevent network congestion and To preserve employee productivity

What protocol is used to dynamically create IPSec VPN tunnels?

Internet Key Exchange Version 2 (IKEv2)

Which two items should you configure as the source of a firewall policy, to allow all internal users in a small office to access the internet? (Choose two.)

User or User groups and The IP subnet of the LAN

What is grayware?

Unsolicited programs installed without user consent

Which two settings are included in a Dynamic Host Configuration Protocol (DHCP) server configuration on FortiGate? (Choose two.)

Address range and Default Gateway


Ensembles d'études connexes

Ch 7 CMA Exam Review - Nutrition

View Set

Urinalysis & Other Body Fluids (Review)

View Set

6.EE.2c Evaluate expressions given a value for the variable

View Set

Principles of Computer Programming Vocabulary

View Set

What are the advantages and disadvantages of representative democracy?

View Set

AP Biology Fall Semester Final Exam Review

View Set