ACTUAL Exam Questions and CORRECT Answers
What direction does the LAN run to the internet, and what direction from the physical cabling to the private virtual network? - CORRECT ANSWER - Vertically
Horizontal
What does UTM stand for? - CORRECT ANSWER - Unified threat management
Describe the architectural structure of FortiGate - CORRECT ANSWER - FortiGate is a modular design. The hardware is advanced: special ASICs designed by Fortinet and specialized CP and NP chips make FortiGate a carrier-grade device. It enables you to simplify your network and cut down on the number of needed devices. Sitting on the advanced circuitry is FortiOS. FortiGate can operate as an NGFW with antivirus, web filtering, and IPS. It is flexible, allowing for simple operation, and can also be a sophisticated NGFW with advanced capabilities such as UTM. It is vendor neutral and also offers subscription services to further advance capabilities and support.
What is dangerous about SSL? - CORRECT ANSWER - A virus can pass through SSL unless full (deep) SSL inspection is enabled
SNI - CORRECT ANSWER - Server name identification sent at the beginning of the SSL handshake that FortiGate uses to identify the server. Used in SSL certificate inspection
What is SSL certificate inspection? - CORRECT ANSWER - FortiGate uses the SNI to distinguish the hostname of the SSL server, which is validated against the DNS. The only security feature that can be applied with this mode is web filtering. It does not inspect encrypted data
Benefits of FortiGate VM - CORRECT ANSWER - Faster deployment and teardown; may also be cheaper if you use cheaper/larger hardware to run the VM on
Disadvantage of FortiGate VM - CORRECT ANSWER - You will be using a generic CPU instead of the special FortiASIC that is only made by Fortinet. Therefore performance will be downgraded
SPU and what are the 3 types? - CORRECT ANSWER - Security processing unit
Specialized acceleration hardware that can offload resource-intensive processing from the main CPU
CP - content processor
SP - security processor
NP - network processor
CP (CP8 and CP9) - CORRECT ANSWER - High-speed content inspection
Content processor that accelerates antivirus
Attack detection
Encryption and decryption (SSL)
Not bound to an interface
SP (SP3) - CORRECT ANSWER - Security processors accelerate IPS for better system performance
Bound to an interface
NP - CORRECT ANSWER - Packet processing
NP6 (NTurbo)
Attached to a network interface
Network processors that offload processing of high-volume network traffic from the CPU
What is NTurbo? - CORRECT ANSWER - Offloads flow-based security profile processing (packet-by-packet sessions) to the NP4 or NP6 processors (if it is disabled, then the CPU handles it)
Where can you see how much data is being offloaded to the special processors? - CORRECT ANSWER - The Sessions dashboard widget in the GUI shows the percentage
SOC3 - CORRECT ANSWER - System on a chip. Contains the CPU, CPs, NPs and SPs
What is a more accurate description of a modern firewall?
A: A device that inspects network traffic at an entry point to the internet and within a simple, easily defined network perimeter
B: A multifunctional device that inspects network traffic from the perimeter or internally within a network that has many entry points
- CORRECT ANSWER -
What FortiGate solution enhances performance and reduces latency for specific features and traffic? - CORRECT ANSWER - Acceleration hardware called SPU
What are the two modes a FortiGate can operate in? - CORRECT ANSWER - NAT and transparent
Explain NAT mode - CORRECT ANSWER - FortiGate is an OSI layer 3 router
Interfaces have IPs
Packets are routed by IP
Explain transparent mode - CORRECT ANSWER - FortiGate is an OSI layer 2 switch
Interfaces do not have IPs
Forwards frames based on MAC and cannot route packets
What is the default FortiGate mode? - CORRECT ANSWER - NAT
What port do you plug your computer into to begin configuration (two answers)? - CORRECT ANSWER - Port 1 or the internal switch ports on entry-level models
Or the management interface on mid- to high-end models
What is enabled on the mid- to high-range FortiGate's mgmt interface? - CORRECT ANSWER - DHCP server
What is the default management IP on FortiGate? - CORRECT ANSWER - 192.168.1.99
What is the console port for on FortiGate? - CORRECT ANSWER - Used for CLI access without internet (GUI access). Can be used with a terminal emulator
What port is the built-in DHCP server enabled on? - CORRECT ANSWER - Port 1
Default user and password - CORRECT ANSWER - Admin
Blank
What are FortiGuard subscription services? - CORRECT ANSWER - They provide FortiGate with up-to-date threat intelligence from the FortiGuard Distribution Network (FDN)