Copiar e Editar

App Control

Descrição

NSE4 6.0 NSE4 6.0 Quiz sobre App Control, criado por Marcos Avila em 17-08-2018.
Marcos Avila
Quiz por Marcos Avila, atualizado more than 1 year ago
Marcos Avila
Criado por Marcos Avila mais de 6 anos atrás
713
1
0

Resumo de Recurso

Questão 1

Questão
Which statement about the application control database is true?
Responda
  • a. The application control database is separate from the IPS database.
  • b. The application control database must be updated manually.

Questão 2

Questão
The application control profile consists of three different types of filters: (Select 3)
Responda
  • Categories
  • Application overrides
  • Filter overrides
  • Deny
  • Allow
  • Monitor

Questão 3

Questão
QUIC is a protocol from Google. Instead of using the standard TCP connections for web access it uses UDP which is not scanned by the web filtering. Allowing QUIC instructs FortiGate to inspect Google Chrome packets for a QUIC header and generate logs as a QUIC message. Blocking QUIC forces Google Chrome to use HTTP2/TLS1.2 and FortiGate to log the QUIC as blocked. The default action for QUIC is
Responda
  • Allow
  • Block.

Questão 4

Questão
Then, FortiGate scans packets for matches, in this order, for the application control profile: [blank_start]3. Categories:[blank_end] Finally, the application control profile applies the action that you've configured for applications in your selected Categories. [blank_start]1. Application Overrides:[blank_end] If you have configured any Application Overrides, the application control profile considers those first. it looks for a matching override starting at the top of the list, like firewall policies. [blank_start]2. Filter Overrides:[blank_end] If no matching application override exists, then the application control profile applies the action based on configured Filter Overrides.
Responda
  • 3. Categories:
  • 1. Application Overrides:
  • 2. Filter Overrides:

Questão 5

Questão
Application control profile actions: (Choose 4)
Responda
  • Allow
  • Monitor
  • Block
  • Quarantine
  • Warning
  • Default
  • Log only

Questão 6

Questão
Which statement about application control is true?
Responda
  • A. It uses the IPS engine to scan traffic for application patterns.
  • B. It is unable to scan P2P architecture traffic.

Questão 7

Questão
App control three different types of filters
Responda
  • Categories
  • Application overrides
  • Filter overrides
  • Signatures overrides

Questão 8

Questão
Allowing QUIC instructs FortiGate to inspect Google Chrome packets for a QUIC header and generate logs as a QUIC message. *Allow QUIC forces Google Chrome to use HTTP2/TLS1.2 and FortiGate to log the QUIC as blocked. The default action for QUIC is *Allow.
Responda
  • False
  • True

Questão 9

Questão
Scanning order
Responda
  • Categories > Application overrides > Filter overrides
  • Application overrides > Categories > Filter overrides
  • Application overrides > Filter overrides > Categories

Questão 10

Questão
Which statement about application control in NGFW policy-based configuration is true?
Responda
  • A. Applications are applied directly to the firewall policies.
  • B. The application control profile must be applied to firewall policies.

Questão 11

Questão
What statement about the HTTP block page for application control is true?
Responda
  • A. It can be used only for web applications.
  • B. It works for all types of applications.

Questão 12

Questão
Where do you enable logging of application control events?
Responda
  • A. Application control logs are enabled in the firewall policy configuration.
  • B. Application control logs are enabled on the Log & Report settings page of FortiGate.

Questão 13

Questão
Which of the following information will not be included in the application event log when using NGFW policy-based mode?
Responda
  • A. Application control profile name
  • B. Application name

Questão 14

Questão
Force FortiGate to check for new application control updates.
Responda
  • execute update-now
  • diagnose update-now
  • get execute update-now

Questão 15

Questão
Which TCP port does FortiGuard use for application control?
Responda
  • A. 53
  • B. 443

Questão 16

Questão
Which SSL/SSH inspection method is recommended for use with application control scanning to improve application detection?
Responda
  • A. Certificate-based inspection profile
  • B. Deep-inspection profile

Quer criar seus próprios Quizzes gratuitos com a GoConqr? Saiba mais.

Semelhante

Figuras de linguagem
Roberta Souza
Simulado para concursos públicos
Alessandra S.
Resumo de Biologia - Ciclos da Vida e Evolução
Larissa Guimarães
Gramática para o First Certificate I
GoConqr suporte .
Genética Molecular: Ácidos Nucleicos
Renata Cavazzana
Phrasal Verbs - Inglês #11
Eduardo .
Conjunções
GoConqr suporte .
Constituição Federal - Artigos 1 à 5
GoConqr suporte .
DIREITO PROCESSUAL PENAL
Joelma Silva
Informática Básica
Neylor Farias Ma
Instrumentação Cirúrgica
Lia Argenton
Explore a Biblioteca