Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
FCNSA.v5 Examination questions (September)

Achieve New Updated (September) Fortinet FCNSA.v5 Examination Questions 71-80

September 24, 2015

Ensurepass

 

QUESTION 71

Which of the following pieces of information can be included in the Destination Address field of a firewall policy?

 

A.

An IP address pool, a virtual IP address, an actual IP address, and an IP address group.

B.

A virtual IP address, an actual IP address, and an IP address group.

C.

An actual IP address and an IP address group.

D.

Only an actual IP address.

 

Answer: B

 

 

QUESTION 72

A FortiGate 60 unit is configured for your small office. The DMZ interface is connected to a network containing a web server and email server. The Internal interface is connected to a network containing 10 user workstations and the WAN1 interface is connected to your ISP.

 

You want to configure firewall policies so that your users can send and receive email messages to the email server on the DMZ network. You also want the email server to be able to retrieve email messages from an email server hosted by your ISP using the POP3 protocol.

 

Which policies must be created for this communication? (Select all that apply.)

 

A.

Internal > DMZ

B.

DMZ > Internal

 

 

 

 

C.

Internal > WAN1

D.

WAN1 > Internal

E.

DMZ > WAN1

F.

WAN1 > DMZ

 

Answer: AE

 

 

QUESTION 73

Which of the following authentication types are supported by FortiGate units? (Select all that apply.)

 

A.

Kerberos

B.

LDAP

C.

RADIUS

D.

Local Users

 

Answer: BCD

 

 

QUESTION 74

When creating administrative users which of the following configuration objects determines access rights on the FortiGate unit.

 

A.

profile

B.

allowaccess interface settings

C.

operation mode

D.

local-in policy

 

Answer: A

 

 

QUESTION 75

Which of the following statements are correct regarding URL filtering on the FortiGate unit? (Select all that apply.)

 

A.

The allowed actions for URL Filtering include Allow, Block and Exempt.

 

 

 

 

B.

The allowed actions for URL Filtering are Allow and Block.

C.

The FortiGate unit can filter URLs based on patterns using text and regular expressions.

D.

Any URL accessible by a web browser can be blocked using URL Filtering.

E.

Multiple URL Filter lists can be added to a single protection profile.

 

Answer: AC

 

 

QUESTION 76

Which of the following statements best describes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?

 

A.

The proxy will not allow a file to be transmitted in multiple streams simultaneously.

B.

The proxy sends the file to the server while simultaneously buffering it.

C.

If the file being scanned is determined to be infected, the proxy deletes it from the server by sending a delete command on behalf of the client.

D.

If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server.

 

Answer: A

 

 

QUESTION 77

Which of the following is true regarding Switch Port Mode?

 

A.

Allows all internal ports to share the same subnet.

B.

Provides separate routable interfaces for each internal port.

C.

An administrator can select ports to be used as a switch.

D.

Configures ports to be part of the same broadcast domain.

 

Answer: A

 

 

QUESTION 78

Which of the following statements correctly describes how a push update from the FortiGuard Distribution Network (FDN) works?

 

 

 

 

 

A.

The FDN sends push updates only once.

B.

The FDN sends package updates automatically to the FortiGate unit without requiring an update request.

C.

The FDN continues to send push updates until the FortiGate unit sends an acknowledgement.

D.

The FDN sends a message to the FortiGate unit that there is an update available and that the FortiGate unit should download the update.

 

Answer: D

 

 

QUESTION 79

What is the effect of using CLI “config system session-ttl” to set session_ttl to 1800 seconds?

 

A.

Sessions can be idle for no more than 1800 seconds.

B.

The maximum length of time a session can be open is 1800 seconds.

C.

After 1800 seconds, the end user must reauthenticate.

D.

After a session has been open for 1800 seconds, the FortiGate unit will send a keepalive packet to both client and server.

 

Answer: A

 

 

QUESTION 80

An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down.

 

Which of the following statements best describes how to resolve this issue?

 

A.

This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user’s web portal.

B.

This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface.

C.

Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal.

D.

Make sure that only Internet Explorer is used. All other browsers are unsupported.

 

Answer: B

Free VCE & PDF File for Fortinet FCNSA.v5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …