The three most used protocols in the suite are the following: (Select 3)
Answer
lnternet Key Exchange (IKE)
Encapsulation Security Payload (ESP)
Authentication Header (AH)
Point – to – Point Tunneling Protocol (PPTP)
Secure Sockets Layer (SSL)
Question 2
Question
[blank_start]lnternet Key Exchange (IKE)[blank_end], which does the handshake, tunnel maintenance, and disconnection.
[blank_start]Encapsulation Security Payload (ESP)[blank_end], which ensures data integrity andencryption.
[blank_start]Authentication Header (AH)[blank_end], which offers only data integrity-not encryption.
Answer
lnternet Key Exchange (IKE)
Encapsulation Security Payload (ESP)
Authentication Header (AH)
Question 3
Question
FortiGate uses ESP to transport the packet payload and authenticate.
Answer
True
False
Question 4
Question
IKE uses port
Answer
UDP 500
TCP 500
UDP 4500
TCP 4500
Question 5
Question
IKE uses if NAT-T is enabled in a NAT scenario:
Answer
UDP port 4500
TCP port 4500
UDP port 5000
TCP port 5000
Question 6
Question
SA
Answer
Security Association
Security Access
Question 7
Question
For phase 1, there are two possible negotiation modes that can be used:
Answer
main mode
aggressive mode
quick mode
Question 8
Question
Phase 2 uses only one negotiation mode:
Answer
quick mode
main mode
aggressive mode
Question 9
Question
AH is used by FortiGate
Answer
True
False
Question 10
Question
IKE
Answer
Internet Key Exchange
Internal Key Exchange
Internal Keep Exchange
Question 11
Question
ESP is
Answer
UDP encapsulated
TCP encapsulated
Question 12
Question
Authenticates or encrypts packets using the following protocols:
(Select 3)
Answer
Internet Key Exchange (IKE)
Encapsulation Security Payload (ESP)
Authentication Header (AH)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Question 13
Question
Provides both data integrity and encryption:
Answer
Encapsulation Security Payload (ESP)
Internet Key Exchange (IKE)
Authentication Header (AH)
Question 14
Question
Easy configuration
Few tunnels
High central bandwidth
Not fault tolerant
Low system requirements on average,
but high for center
Scalable
No direct communication between
spokes
Answer
Hub-and-Spoke
Partial Mesh
Full Mesh
Question 15
Question
Moderate configuration
Medium number of tunnels
Medium bandwidth in hub sites
Some fault tolerance
Medium system requirements
Somewhat scalable
Direct communication between some
sites
Answer
Hub-and-Spoke
Partial Mesh
Full Mesh
Question 16
Question
Complex configuration
Many tunnels
Low bandwidth
Fault tolerant
High system requirements
Difficult to scale
Direct communication between all sites
Answer
Hub-and-Spoke
Partial Mesh
Full Mesh
Question 17
Question
FortiOS provides two options for IPsec VPNs:
route-based (also known as [blank_start]interface-based[blank_end]) or policy-based (also known as [blank_start]tunnel-mode[blank_end]).