FORTIGATE FIREWALL MULTIPLE CHOICE QUESTIONS
AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS)
|ALREADY GRADED A+||BRAND NEW
What must be selected in the Source field of a firewall policy?
a. At least one source user and one source address object
b. At least one address object or ISDB Ans✓✓✓b. At least one address
object or ISDB
Which solution specific to Fortinet enhances performance and reduces
latency for specific features and traffic?
a. Acceleration hardware, called SPUs
b. Increased RAM and CPU power Ans✓✓✓a. Acceleration hardware,
called SPUs
What is the purpose of the policy lookup feature on FortiGate?
a. To block traffic based on input criteria
b. To find a matching policy based on input criteria Ans✓✓✓b. To find
a matching policy based on input criteria
If you configure a firewall policy with the any interface, you can view
the firewall policy list only in which view?
a. The Interface Pair View
b. The By Sequence View Ans✓✓✓b. The By Sequence View
How does FortiGate check content for spam or malicious websites?
,a. Local verification using a downloaded web filter database locally on
FortiGate
b. Live queries to FortiGuard over UDP or HTTPS Ans✓✓✓b. Live
queries to FortiGuard over UDP or HTTPS
As a best security practice when configuring administrative access to
FortiGate, which protocol should you disable?
a. SSH
b. Telnet Ans✓✓✓b. Telnet
Which of the following naming formats is correct when configuring a
name for a firewall address object?
a. Good_Training
b. Good(Training) Ans✓✓✓a. Good_Training
What criteria does FortiGate use to match traffic to a firewall policy?
a. Security profiles
b. Source and destination interfaces Ans✓✓✓b. Source and destination
interfaces
Which is a more accurate description of a modern firewall?
a. A device that inspects network traffic at an entry point to the internet
and within a simple, easily defined network perimeter
b. A multifunctional device that inspects network traffic from the
perimeter or internally, within a network that has many different entry
, points Ans✓✓✓b. A multifunctional device that inspects network traffic
from the perimeter or internally, within a network that has many
different entry points
Which protocol does FortiGate use to download antivirus and IPS
packages?
a. TCP
b. UDP Ans✓✓✓a. TCP
An administrator wants to check the total number of TCP sessions for an
IP pool named INTERNAL. Which CLI command should the
administrator use?
a. diagnose firewall ippool-all stats INTERNAL
b. diagnose firewall ippool-all list INTERNAL Ans✓✓✓a. diagnose
firewall ippool-all stats INTERNAL
What is the default IP pool type?
a. One-to-one
b. Overload Ans✓✓✓b. Overload
What is the benefit of using NAT?
a. Prevents depletion of IPv4 public address
b. Enhanced content inspection Ans✓✓✓a. Prevents depletion of IPv4
public address
AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS)
|ALREADY GRADED A+||BRAND NEW
What must be selected in the Source field of a firewall policy?
a. At least one source user and one source address object
b. At least one address object or ISDB Ans✓✓✓b. At least one address
object or ISDB
Which solution specific to Fortinet enhances performance and reduces
latency for specific features and traffic?
a. Acceleration hardware, called SPUs
b. Increased RAM and CPU power Ans✓✓✓a. Acceleration hardware,
called SPUs
What is the purpose of the policy lookup feature on FortiGate?
a. To block traffic based on input criteria
b. To find a matching policy based on input criteria Ans✓✓✓b. To find
a matching policy based on input criteria
If you configure a firewall policy with the any interface, you can view
the firewall policy list only in which view?
a. The Interface Pair View
b. The By Sequence View Ans✓✓✓b. The By Sequence View
How does FortiGate check content for spam or malicious websites?
,a. Local verification using a downloaded web filter database locally on
FortiGate
b. Live queries to FortiGuard over UDP or HTTPS Ans✓✓✓b. Live
queries to FortiGuard over UDP or HTTPS
As a best security practice when configuring administrative access to
FortiGate, which protocol should you disable?
a. SSH
b. Telnet Ans✓✓✓b. Telnet
Which of the following naming formats is correct when configuring a
name for a firewall address object?
a. Good_Training
b. Good(Training) Ans✓✓✓a. Good_Training
What criteria does FortiGate use to match traffic to a firewall policy?
a. Security profiles
b. Source and destination interfaces Ans✓✓✓b. Source and destination
interfaces
Which is a more accurate description of a modern firewall?
a. A device that inspects network traffic at an entry point to the internet
and within a simple, easily defined network perimeter
b. A multifunctional device that inspects network traffic from the
perimeter or internally, within a network that has many different entry
, points Ans✓✓✓b. A multifunctional device that inspects network traffic
from the perimeter or internally, within a network that has many
different entry points
Which protocol does FortiGate use to download antivirus and IPS
packages?
a. TCP
b. UDP Ans✓✓✓a. TCP
An administrator wants to check the total number of TCP sessions for an
IP pool named INTERNAL. Which CLI command should the
administrator use?
a. diagnose firewall ippool-all stats INTERNAL
b. diagnose firewall ippool-all list INTERNAL Ans✓✓✓a. diagnose
firewall ippool-all stats INTERNAL
What is the default IP pool type?
a. One-to-one
b. Overload Ans✓✓✓b. Overload
What is the benefit of using NAT?
a. Prevents depletion of IPv4 public address
b. Enhanced content inspection Ans✓✓✓a. Prevents depletion of IPv4
public address
