Zusammenfassung der Ressource
Frage 1
Frage
Which statement about the application control database is true?
Frage 2
Frage
The application control profile consists of three different types of filters: (Select 3)
Antworten
-
Categories
-
Application overrides
-
Filter overrides
-
Deny
-
Allow
-
Monitor
Frage 3
Frage
QUIC is a protocol from Google. Instead of using the standard TCP connections for web access it uses UDP which is not scanned by the web filtering. Allowing QUIC instructs FortiGate to inspect Google Chrome packets for a QUIC header and generate logs as a QUIC message. Blocking QUIC forces Google Chrome to use HTTP2/TLS1.2 and FortiGate to log the QUIC as blocked. The default action for QUIC is
Frage 4
Frage
Then, FortiGate scans packets for matches, in this order, for the application control profile:
[blank_start]3. Categories:[blank_end] Finally, the application control profile applies the action that you've configured for applications in your selected Categories.
[blank_start]1. Application Overrides:[blank_end] If you have configured any Application Overrides, the application control profile considers those first. it looks for a matching override starting at the top of the list, like firewall policies.
[blank_start]2. Filter Overrides:[blank_end] If no matching application override exists, then the application control profile applies the action based on configured Filter Overrides.
Frage 5
Frage
Application control profile actions: (Choose 4)
Antworten
-
Allow
-
Monitor
-
Block
-
Quarantine
-
Warning
-
Default
-
Log only
Frage 6
Frage
Which statement about application control is true?
Frage 7
Frage
App control three different types of filters
Antworten
-
Categories
-
Application overrides
-
Filter overrides
-
Signatures overrides
Frage 8
Frage
Allowing QUIC instructs FortiGate to inspect Google Chrome packets for a QUIC header and generate logs as a QUIC message. *Allow QUIC forces Google Chrome to use HTTP2/TLS1.2 and FortiGate to log the QUIC as blocked. The default action for QUIC is *Allow.
Frage 9
Antworten
-
Categories > Application overrides > Filter overrides
-
Application overrides > Categories > Filter overrides
-
Application overrides > Filter overrides > Categories
Frage 10
Frage
Which statement about application control in NGFW policy-based configuration is true?
Frage 11
Frage
What statement about the HTTP block page for application control is true?
Frage 12
Frage
Where do you enable logging of application control events?
Frage 13
Frage
Which of the following information will not be included in the application event log when using NGFW policy-based mode?
Frage 14
Frage
Force FortiGate to check for new application control updates.
Antworten
-
execute update-now
-
diagnose update-now
-
get execute update-now
Frage 15
Frage
Which TCP port does FortiGuard use for application control?
Frage 16
Frage
Which SSL/SSH inspection method is recommended for use with application control scanning to improve application detection?