Examine the following spanning tree configuration on a FortiGate in transparent mode:
config system interface
edit <interface name>
set stp-forward enable
end
Which statement is correct for the above configuration?
A. The FortiGate participates in spanning tree.
B. The FortiGate device forwards received spanning tree messages.
C. Ethernet layer-2 loops are likely to occur.
D. The FortiGate generates spanning tree BPDU frames.
Answer: B
You are the administrator in charge of a point-to-point IPsec VPN between two FortiGate units using route-based mode. Users from either side must be able to initiate new sessions with no restrictions. There is only 1 subnet at either end and the FortiGate already has a default route.
Which two configuration steps are required in each FortiGate to achieve these objectives? (Choose two.)
A. Create one firewall policy.
B. Create two firewall policies.
C. Add a route to the remote subnet.
D. Add two IPsec phases 2.
Answer: BC
Monday, 24 February 2020
Tuesday, 1 October 2019
Fortinet NSE4 Questions Answers
A fortiGate is operating in NAT/Route mode and configured with two virtual LAN (VLAN) sub-interfaces added to the same physical interface. Which one of the following statements is regarding the VLAN IDs in this scenario?
A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.
B. The two VLAN sub-interfaces must have different VLAN IDs.
C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.
D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches.
Answer: B
Which statement describes what the CLI command diagnose debug authd fsso list is used for?
A. Monitors communications between the FSSO collector agent and FortiGate unit.
B. Displays which users are currently logged on using FSSO.
C. Displays are listing of all connected FSSO collector agents.
D. Lists all DC Agents installed on all domain controllers.
Answer: B
A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.
B. The two VLAN sub-interfaces must have different VLAN IDs.
C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.
D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches.
Answer: B
Which statement describes what the CLI command diagnose debug authd fsso list is used for?
A. Monitors communications between the FSSO collector agent and FortiGate unit.
B. Displays which users are currently logged on using FSSO.
C. Displays are listing of all connected FSSO collector agents.
D. Lists all DC Agents installed on all domain controllers.
Answer: B
Friday, 14 December 2018
Fortinet NSE4 Questions Answers
When the SSL proxy is NOT doing man-in-the-middle interception of SSL traffic, which certificate field can be used to determine the rating of a website?
A. Organizational Unit.
B. Common name.
C. Serial Number.
D. Validity.
Answer: B
Which IPSec mode includes the peer id information in the first packet?
A. Main mode.
B. Quick mode.
C. Aggressive mode.
D. IKEv2 mode.
Answer: C
A. Organizational Unit.
B. Common name.
C. Serial Number.
D. Validity.
Answer: B
Which IPSec mode includes the peer id information in the first packet?
A. Main mode.
B. Quick mode.
C. Aggressive mode.
D. IKEv2 mode.
Answer: C
Wednesday, 25 July 2018
Fortinet NSE4 Question Answer
If there are no changes in the routing table and in the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate in NAT /Route mode, when searching for a suitable gateway?
A. A lookup is done only when the first packet coming from the client (SYN) arrives.
B. A lookup is done when the first packet coming from the client (SYN) arrives, and a second one is performed when the first packet coming from the server (SYN/ACK) arrives.
C. Three lookups are done during the TCP 3-way handshake (SYN, SYN/ACK, ACK).
D. A lookup is always done each time a packet arrives, from either the server or the client side.
Answer: B
Review the configuration for FortiClient IPsec shown in the exhibit.
Which statement is correct regarding this configuration?
A. The connecting VPN client will install a route to a destination corresponding to the student internal address object.
B. The connecting VPN client will install a default route.
C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range.
D. The connecting VPN client will connect in web portal mode and no route will be installed.
Answer: A
A. A lookup is done only when the first packet coming from the client (SYN) arrives.
B. A lookup is done when the first packet coming from the client (SYN) arrives, and a second one is performed when the first packet coming from the server (SYN/ACK) arrives.
C. Three lookups are done during the TCP 3-way handshake (SYN, SYN/ACK, ACK).
D. A lookup is always done each time a packet arrives, from either the server or the client side.
Answer: B
Review the configuration for FortiClient IPsec shown in the exhibit.
Which statement is correct regarding this configuration?
A. The connecting VPN client will install a route to a destination corresponding to the student internal address object.
B. The connecting VPN client will install a default route.
C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range.
D. The connecting VPN client will connect in web portal mode and no route will be installed.
Answer: A
Wednesday, 28 February 2018
Fortinet NSE4 Question Answer
Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit below.
Which statements are regarding this output (Choose two.)
A. The connecting client has been allocated address 172.20.1.1.
B. In the Phase 1 settings, dead peer detection is enabled.
C. The tunnel is idle.
D. The connecting client has been allocated address 10.200.3.1.
Answer: AB
Which statements are regarding this output (Choose two.)
A. The connecting client has been allocated address 172.20.1.1.
B. In the Phase 1 settings, dead peer detection is enabled.
C. The tunnel is idle.
D. The connecting client has been allocated address 10.200.3.1.
Answer: AB
Thursday, 28 December 2017
Fortinet NSE4 Question Answer
With FSSO DC-agent mode, a domain user could authenticate either against the domain controller running the collector agent and domain controller agent, or a domain controller running only the domain controller agent. If you attempt to authenticate with a domain controller running only the domain controller agent, which statements are correct? (Choose two.)
A. The login event is sent to a collector agent by the DC agent.
B. the login event is sent to the FortiGate by the DC agent.
C. The domain collector agent may perform a DNS lookup for the authenticated client's IP address.
D. The user cannot be authenticated with the FortiGate in this manner because each domain controller agent requires a dedicated collector agent.
Answer: CD
Regarding the use of web-only mode SSL VPN, which statement is correct?
A. It support SSL version 3 only.
B. It requires a Fortinet-supplied plug-in on the web client.
C. It requires the user to have a web browser that suppports 64-bit cipher length.
D. The JAVA run-time environment must be installed on the client.
Answer: C
A. The login event is sent to a collector agent by the DC agent.
B. the login event is sent to the FortiGate by the DC agent.
C. The domain collector agent may perform a DNS lookup for the authenticated client's IP address.
D. The user cannot be authenticated with the FortiGate in this manner because each domain controller agent requires a dedicated collector agent.
Answer: CD
Regarding the use of web-only mode SSL VPN, which statement is correct?
A. It support SSL version 3 only.
B. It requires a Fortinet-supplied plug-in on the web client.
C. It requires the user to have a web browser that suppports 64-bit cipher length.
D. The JAVA run-time environment must be installed on the client.
Answer: C
Wednesday, 27 December 2017
Fortinet Recognized by Tech Data with Growth Vendor of the Year Award
Fortinet® (NASDAQ:FTNT), the global leader in broad, integrated and automated cybersecurity solutions, today announced that it is a recipient of the 2017 Tech Data Growth Vendor of the Year Award as part of Tech Data’s 13th annual Vendor Summit, held at the Tampa Convention Center in Tampa, Fla. Tech Data's Vendor of the Year award recipients are recognized for their collaboration, enablement programs, strong partnerships, and commitment to Tech Data, its solution providers and the IT channel in the Americas.
Fortinet has partnered with Tech Data since 2007 to help provide industry-leading cybersecurity solutions to the channel. Since then, both companies have invested in the partnership with dedicated teams and joint channel enablement activities that have resulted in consistent growth.
"It is a true honor to receive Tech Data’s Growth Vendor of the Year award. Fortinet has a long history of working with Tech Data to enable the channel to deliver innovative Security Fabric protections across the entire attack surface,” said Jon Bove, vice president of channel sales at Fortinet. “Fortinet will continue to invest in go-to-market, technical enablement and other strategic activities with Tech Data to support our partners throughout the entire sales cycle."
“We are proud to recognize the commitment, enthusiasm and achievements of Fortinet with the Tech Data Growth Vendor of the Year award,” said Joe Quaglia, president, Americas at Tech Data. “The award recognizes Fortinet as an outstanding vendor with representatives who are devoted to channel innovation, enablement and the continued success of our resellers. The award is a reflection of their determination throughout the year, and we thank them for their continued partnership.”
More than 500 channel partners were in attendance at Vendor Summit, which featured interactive breakout session presentations on Tech Data's key initiatives, as well as presentations on the company's corporate, sales and marketing strategies by Senior Vice President of U.S. Sales Marty Bauerlein; Senior Vice President, Enterprise Solutions, Americas Jeff Bawol; Vice President, Marketing, Americas Pablo Zurzolo; and Quaglia.
About Fortinet
Fortinet (NASDAQ:FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 330,000 customers trust Fortinet to protect their businesses.
About Tech Data
Tech Data connects the world with the power of technology. Our end-to-end portfolio of products, services and solutions, highly specialized skills, and expertise in next-generation technologies enable channel partners to bring to market the products and solutions the world needs to connect, grow and advance. Tech Data is ranked No. 107 on the Fortune 500® and has been named one of Fortune’s World’s Most Admired Companies for eight straight years.
FTNT-O
Copyright © 2017 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiASIC, FortiMail, FortiClient, FortiSIEM, FortiSandbox, FortiWiFi, FortiAP, FortiSwitch, FortiWeb, FortiADC, FortiWAN, and FortiCloud. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.
All brands and trade names are trademarks or registered trademarks, and are the properties of their respective owners. Tech Data disclaims any proprietary interest in marks other than its own.
Subscribe to:
Comments (Atom)