FSSO I

Description

NSE4 6.0 quiz on FSSO I, created by Marcos Avila on 25/07/2018.

Resource summary

Question 1

Question
FSSO software identifies: (Select 3)
Answers
  • User's ID
  • IP Address
  • Group Membership
  • Group Users
  • Computer's hostname

Question 2

Question
Microsoft AD types mode:
Answers
  • Polling mode; Agent mode
  • Collector agent-based; Agentless

Question 3

Question
Polling mode:
Answers
  • Collector agent-based; Agentless
  • Polling mode; Agent mode

Question 4

Question
In FSSO, FortiGate allows network access based on
Answers
  • a. Active user authentication with username and password
  • b. Passive user identification by user ID, IP address, and group membership

Question 5

Question
Which working mode is used for monitoring user sign-on activities in Windows AD?
Answers
  • a. Polling mode (collector agent-based or agentless)
  • b. eDirectory agent mode

Question 6

Question
DC Agent is responsible for:
Answers
  • Monitoring user logon events and forwarding them to the collector agents; Handling DNS lookups (by default)
  • Group verification; Workstation checks; Updates of logon records on FortiGate; Sending domain local security group, organizational units (OUs), and global security group information to FortiGate

Question 7

Question
Collector agent is responsible for:
Answers
  • Group verification; Workstation checks; Updates of logon records on FortiGate; Sending domain local security group, organizational units (OUs), and global security group information to FortiGate
  • Monitoring user logon events and forwarding them to the collector agents; Handling DNS lookups (by default)

Question 8

Question
DC agent mode requires: Two DC agents installed on each Windows DC. If you have multiple DCs, this means that you need multiple DC agents. DC agents monitor and forward user logon events to the collector agents.
Answers
  • True
  • False

Question 9

Question
Collector Agent sends: (Select 4)
Answers
  • User name
  • Host name
  • IP address
  • User group(s)
  • MAC address
  • Ports

Question 10

Question
Ports used for DC Agent
Answers
  • The collector agent communicates with FortiGate over TCP port 8000 (default) and it listens on UDP port 8002 (default) for updates from the DC agents. The ports are customizable.
  • The collector agent communicates with FortiGate over TCP port 8002 (default) and it listens on UDP port 8000 (default) for updates from the DC agents. The ports are customizable.

Question 11

Question
Collector agent uses:
Answers
  • SMB TCP 445 protocol, by default, to request the event logs. TCP 135, TCP 139, and UDP 137 as fallbacks
  • SMB TCP 134 protocol, by default, to request the event logs. TCP 135, TCP 139, and UDP 137 as fallbacks

Question 12

Question
Three methods of the collector agent for collecting logon information:
Answers
  • NetAPI
  • WinSecLog
  • WMI
  • SMB
  • TCP

Question 13

Question
Polls temporary sessions created on the DC when a user logs in or logs off and calls the NetSessionEnum function on Windows. It’s faster than the WinSec and WMI methods; however, it can miss some logon events if a DC is under heavy system load. This is because sessions can be quickly created and purged from RAM, before the agent has a chance to poll and notify FortiGate.
Answers
  • NetAPI
  • WinSecLog
  • WMI

Question 14

Question
Polls all the security event logs from the DC. It doesn't miss any logon events that have been recorded by the DC because events are not normally deleted from the logs. There can be some delay in FortiGate receiving events if the network is large and, therefore, writing to the logs is slow. It also requires that the audit success of specific event IDs is recorded in the Windows security logs. For a full list of supported event IDs, visit the Fortinet knowledge base site (http://kb.fortinet.com).
Answers
  • WinSecLog
  • NetAPI
  • WMI

Question 15

Question
A Windows API that gets system information from a Windows server. The DC returns all requested logon events. The collector agent is a WMI client and sends WMI queries for user logon events to the DC, which, in this case, is a WMI server. The collector agent doesn't need to search security event logs on the DC for user logon events; instead, the DC returns all requested logon events. This reduces network load between the collector agent and DC.
Answers
  • WMI
  • NetAPI
  • WinSecLog

Question 16

Question
Installation: Complex—multiple installations (one per DC). Requires reboot; DC agent required: Yes; Resources: Shares with DC agents; Scalability: Higher; Redundancy: Yes; Level of confidence: Captures all logons
Answers
  • DC Agent mode
  • Polling Mode

Question 17

Question
Installation: Easy—one or no installations. No reboot required; DC agent required: No; Resources: Has own resources; Scalability: Lower; Redundancy: No; Level of confidence: Might miss a logon (NetAPI), or have a delay (WinSecLog)
Answers
  • DC Agent mode
  • Polling Mode

Question 18

Question
DC agent mode requires one DC agent -----(1) installed on each Windows DC in the -------(2)
Answers
  • 1- dcagent.dll 2- Windows\system32
  • 1- system32.dll 2- Windows\dcagent.dll