FortiGate Operator 7.4

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which two settings are included in a Dynamic Host Configuration Protocol (DHCP) server configuration on FortiGate? (Choose two.)

Address range & Default gateway

Which scan technique detects known malware by matching signatures in the FortiGuard Labs database?

Antivirus scan

Which two additional features and settings can you apply to traffic after it is accepted by a firewall policy? (Choose two.)

Antivirus scanning & Application control

Which action can you take to improve the security rating provided by the Fortinet Security Fabric?

Apply one or more of the suggested best practices.

What are two reasons why FortiGate Secure Socket Layer Virtual Private Network (SSL VPN) is considered cost-effective compared to other vendors? (Choose two.)

Because it does not require an additional license. & Because the number of remote users is determined by the model.

How does an IPS protect networks from threats?

By analyzing traffic and identifying potential threats

What protocol is used to dynamically create IPSec VPN tunnels?

Internet Key Exchange Version 2 (IKEv2)

What are two activities that cybercriminals can perform using malware? (Choose two.)

Steal intellectual property & Extort money

How does FortiGate handle blocked websites in web filtering using FortiGuard category filters?

Users are redirected to a replacement message indicating the website is blocked.

When is remote authentication preferred over local authentication?

When multiple FortiGate devices need to authenticate the same users or user groups

Excluding the steps for tuning the sensors, what is the last step involved in configuring IPS on FortiGate?

Wrong answer Enabling SSL inspection for the traffic of interest

To avoid certificate errors, which field settings must be included in a Secure Sockets Layer (SSL) certificate issued by a certificate authority (CA)?

basicConstraints: CA:TRUE and keyUsage: keyCertSign

Which two items should you configure as the source of a firewall policy, to allow all internal users in a small office to access the internet? (Choose two.)

Users or user groups & The IP subnet of the LAN

What functionality does FortiGate provide to establish secure connections between a main office and its remote branches, over the internet?

Virtual private networks

What is the purpose of firewall policies on FortiGate?

To control network traffic

How are websites filtered using FortiGuard category filters?

By blocking access based on the website content

What is the recommended process to configure FortiGate for remote authentication for user identification?

Create a user group, map authenticated remote users to the group, and configure a firewall policy with the user group as the source.

Which two steps are involved in configuring web filtering based on FortiGuard category filters? (Choose two.)

Create a web filtering security profile using FortiGuard category-based filters. & Apply the web filter security profile to the appropriate firewall policy.

What are two consequences of allowing a FortiGate license to expire? (Choose two.)

Disruption of network services and potential legal issues & Loss of access to software updates and technical support

What is the potential security risk associated with Hypertext Transfer Protocol Secure (HTTPS)?

Encrypted malicious traffic

Which inspection mode processes and forwards each packet, without waiting for the complete file or web page?

Flow-based inspection

Which two protocols can you use for administrative access on a FortiGate interface?

Hypertext Transfer Protocol Secure (HTTPS) and Secure Shell (SSH)

When upgrading the FortiGate firmware, why is it important to follow the recommended upgrade path?

It ensures the compatibility and stability of the device.

What is the main advantage of using Secure Socket Layer Virtual Private Network (SSL VPN) in web mode?

It is a numerical value based on device settings and best practices.

What is the security rating in the Fortinet Security Fabric, and how is it calculated?

It is a numerical value based on device settings and best practices.

Which actions can you apply to application categories in the Application Control profile?

Monitor, allow, block, or quarantine

In addition to central processing unit (CPU) and memory usage, what are two other key performance parameters you should monitor on FortiGate?

Number of SSL sessions

What is the key difference between Secure Sockets Layer (SSL) certificate inspection and SSL deep inspection?

SSL certificate inspection applies to only HTTPS traffic, while SSL deep inspection applies to multiple SSL-encrypted protocols.

Which piece of information does FortiGate know about the user without firewall authentication?

The source IP address

Why is the order of firewall policies important?

To ensure more granular policies are checked and applied before more general policies

What is the purpose of creating a firewall address object?

To match the source or destination IP subnet

What are two reasons why organizations and individuals use web filtering? (Choose two.)

To prevent network congestion & To preserve employee productivity

Why is it important to back up FortiGate system configurations regularly?

To save time and effort in case of a hardware failure

Which two options can you use for centralized logging when you configure the Fortinet Security Fabric? (Choose two.)

FortiAnalyzer

When configuring antivirus scanning on a firewall policy, which antivirus item should you select?

Antivirus profile

What are some of the features provided by IPSec VPNs?

Data authentication and data integrity

How does the FortiGate intrusion prevention system (IPS) use signatures to detect malicious traffic?

By comparing network packets to known threats

How does FortiGate application control address evasion techniques used by peer-to-peer protocols?

By monitoring traffic for known patterns

How can administrators track successful authentication attempts in FortiGate?

By reviewing the logs and dashboards

How can you modify the security settings of a VPN tunnel created from a template in FortiGate?

Edit the template directly

You need to examine the logs related to local users watching YouTube videos. Where can you find those logs?

Log and Report > Security Events > Application Control

What are two benefits of performing regular maintenance on FortiGate firewalls? (Choose two.)

Prevent security breaches in your organization.

Why is Secure Socket Layer (SSL) inspection necessary for the intrusion prevention system (IPS) to detect threats in encrypted traffic?

SSL inspection allows the IPS to detect and analyze encrypted threats

When configuring a static route on FortiGate, what does the destination represent?

The network or host to which traffic will be forwarded

Why is it recommended that you use user groups instead of individual user accounts in a firewall policy?

User groups simplify the firewall configuration.

What is grayware?

Unsolicited programs installed without user consent


Ensembles d'études connexes

Anatomy and Physiology 2 Chapter 25 True/False

View Set

Chapter 05: Navigating the Global Environment

View Set

Chapter 41 NCLEX-Style Review Questions

View Set

Watsons Questions Chapter 15 Study

View Set

Chapter 38: Nursing Care of the Child with an Alteration in Intracranial Regulation/Neurologic Disorder

View Set

Chapter 4 Accounting 2010 practice with book

View Set

The General Agreement on Tariffs and Trade

View Set

Client rights, advocacy, informed consent, advance directives, confidentiality and information security, information technology, legal practice, disruptive behavior

View Set

Consumer Economics Chapter 11 Test Review

View Set

Combo with apush chapter 23-26 practice questions set #1 and 1 other

View Set

Understanding Agency Law - Chapter 9

View Set