10982674
Beschreibung
Quiz von Marcos Avila, aktualisiert more than 1 year ago
|
Erstellt von Marcos Avila
vor etwa 7 Jahre
|
|
Frage 1
Frage
What statement is true regarding the Policy Lookup feature?
Antworten
-
Searches matching policy based on input criteria
-
Allows traffic to pass through FortiGate based on input criteria, even when there is no firewall policy allowing it
-
Enables extended logging on the firewall policy based on input criteria
-
Creates packet capture in Wireshark format based on input criteria
Frage 2
Frage
Which FortiGate interface does source device type enable device detection on?
Antworten
-
Both source interface and destination interface of the firewall policy
-
All interfaces of FortiGate
-
Destination interface of the firewall policy only
-
Source interface of the firewall policy only
Frage 3
Frage
Which statements are true regarding device identification? (Choose two.)
Antworten
-
Agent-based (FortiCIient) devices use the HTTP user-agent header to identify devices.
-
Agentless devices are indexed by their MAC address.
-
Agent-based (FortiCIient) devices are tracked by their FortiCIient unique ID
-
Only agent—based device identification techniques are supported.
Frage 4
Frage
Which statements correctly define Policy ID and policy Sequence number for firewall policies? (Choose two.)
Antworten
-
A policy sequence number defines the order in which rules are processed.
-
A policy ID number is required to modify a firewall policy from the CLI.
-
A policy ID number changes when policies are re-ordered.
-
A policy sequence number reflects the number of objects used in the firewall policy.
Frage 5
Frage
Which statements are true regarding incoming and outgoing interfaces in firewall policies? (Choose two.)
Antworten
-
Multiple interfaces can be selected as incoming and outgoing interfaces.
-
An incoming interface is mandatory in a firewall policy, but an outgoing interface is optional.
-
Only the any interface can be chosen as an incoming interface.
-
A zone can be chosen as the outgoing interface.
Frage 6
Frage
Examine the CLI configuration. What does this configuration do? (Choose two.)
config system setting
set ses—denied—traffic enable
end
Antworten
-
It creates a session for traffic being denied.
-
It sends an alert notification to the administrator upon detecting denied traffic.
-
It reduces the amount of logs generated by denied traffic.
-
A log message will only generate if there is a security event.
Frage 7
Frage
What criteria does FortiGate use to match traffic to a firewall policy? (Choose two.)
Antworten
-
Source and destination interfaces
-
Logging settings
-
Security profiles
-
Network services
Frage 8
Frage
Which statements are true regarding the By Sequence View for firewall policies? (Choose two.)
Antworten
-
Does not show the source interface column
-
ls still available even when the any interface is being used in one or more firewall policies
-
Lists firewall policies primarily by their policy sequence number
-
ls disabled if any firewall policy has its status set to disable
Frage 9
Frage
What must be selected in the Source field of a firewall policy?
Antworten
-
At least one source user or user group object
-
At least one address object
-
At least one device object
-
At least one source user, one source device, and one source address object
Frage 10
Frage
What statement is true regarding the Service setting in a firewall policy?
Antworten
-
It is optional to add a service in a firewall policy.
-
It matches the traffic by port number.
-
Only one service object can be added to the firewall policy.
-
Administrators cannot create custom services objects.
Möchten Sie mit GoConqr kostenlos Ihre eigenen Quiz erstellen? eigenen Mehr erfahren.