Quiz by Marcos Avila, created more than 1 year ago

NSE4 6.0 quiz on App Control, created by Marcos Avila on 17-08-2018.


App Control

Question 1 of 16

Which statement about the application control database is true?

Select one of the following:

  • a. The application control database is separate from the IPS database.

  • b. The application control database must be updated manually.

Question 2 of 16

The application control profile consists of three different types of filters: (Select 3)

Select one or more of the following:

  • Categories

  • Application overrides

  • Filter overrides

  • Deny

  • Allow

  • Monitor

Question 3 of 16

QUIC is a protocol from Google. Instead of using standard TCP connections for web access, it uses UDP, which is not scanned by web filtering. Allowing QUIC instructs FortiGate to inspect Google Chrome packets for a QUIC header and generate logs as a QUIC message. Blocking QUIC forces Google Chrome to use HTTP2/TLS1.2 and FortiGate to log the QUIC as blocked. The default action for QUIC is:

Select one of the following:

  • Allow

  • Block.

Question 4 of 16

Then, FortiGate scans packets for matches, in this order, for the application control profile:

Finally, the application control profile applies the action that you've configured for applications in your selected Categories.

If you have configured any Application Overrides, the application control profile considers those first. It looks for a matching override starting at the top of the list, like firewall policies.

If no matching application override exists, then the application control profile applies the action based on configured Filter Overrides.

Drag and drop to complete the text.

    3. Categories:
    1. Application Overrides:
    2. Filter Overrides:

Question 5 of 16

Application control profile actions: (Choose 4)

Select one or more of the following:

  • Allow

  • Monitor

  • Block

  • Quarantine

  • Warning

  • Default

  • Log only

Question 6 of 16

Which statement about application control is true?

Select one of the following:

  • A. It uses the IPS engine to scan traffic for application patterns.

  • B. It is unable to scan P2P architecture traffic.

Question 7 of 16

App control: three different types of filters

Select one or more of the following:

  • Categories

  • Application overrides

  • Filter overrides

  • Signatures overrides

Question 8 of 16

Allowing QUIC instructs FortiGate to inspect Google Chrome packets for a QUIC header and generate logs as a QUIC message. *Allow QUIC forces Google Chrome to use HTTP2/TLS1.2 and FortiGate to log the QUIC as blocked. The default action for QUIC is *Allow.

Select one of the following:

  • False

  • True

Question 9 of 16

Scanning order

Select one of the following:

  • Categories > Application overrides > Filter overrides

  • Application overrides > Categories > Filter overrides

  • Application overrides > Filter overrides > Categories

Question 10 of 16

Which statement about application control in NGFW policy-based configuration is true?

Select one of the following:

  • A. Applications are applied directly to the firewall policies.

  • B. The application control profile must be applied to firewall policies.

Question 11 of 16

What statement about the HTTP block page for application control is true?

Select one of the following:

  • A. It can be used only for web applications.

  • B. It works for all types of applications.

Question 12 of 16

Where do you enable logging of application control events?

Select one of the following:

  • A. Application control logs are enabled in the firewall policy configuration.

  • B. Application control logs are enabled on the Log & Report settings page of FortiGate.

Question 13 of 16

Which of the following information will not be included in the application event log when using NGFW policy-based mode?

Select one of the following:

  • A. Application control profile name

  • B. Application name

Question 14 of 16

Force FortiGate to check for new application control updates.

Select one of the following:

  • execute update-now

  • diagnose update-now

  • get execute update-now

Question 15 of 16

Which TCP port does FortiGuard use for application control?

Select one of the following:

  • A. 53

  • B. 443

Question 16 of 16

Which SSL/SSH inspection method is recommended for use with application control scanning to improve application detection?

Select one of the following:

  • A. Certificate-based inspection profile

  • B. Deep-inspection profile
