Fortinet Network Security Expert 6 v7.0

Page:    1 / 4   
Exam contains 60 questions

Once defined, an antivirus profile can be activated from which two configuration objects in
FortiMail? (Choose two.)

  • A. IP policy
  • B. Recipient policy
  • C. Security profile
  • D. Content profile


Answer : A,B

For the case of outbound link load balancing, which upstream link is elected by the proximity route dynamic detection feature as the best one for a destination IP address?

  • A. The link with the lowest number of sessions
  • B. The link with the lowest round-trip delay to the destination IP address
  • C. The link with the lowest traffic utilization
  • D. The link with the lowest number of packets lost


Answer : B

Which of these is an OATH-based standard to generate one-time password tokens?

  • A. SCEP
  • B. EAP-TLS
  • C. TOTP
  • D. HOTP


Answer : C

Which methods can be used to submit files to FortiSandbox for inspection? (Choose two.)

  • A. File shares
  • B. FTP upload
  • C. SFTP upload
  • D. JSON API


Answer : A,D

Which of the following statements about layer 2 load balancing are true? (Choose two.)

  • A. HTTP content can be modified.
  • B. Its useful when the real IP addresses of the back-end servers are unknown by the FortiADC administrator.
  • C. Load balancing decisions are made based on the destination MAC address of the client traffic.
  • D. It supports IPv6.


Answer : A,C

RADIUS authentication with FortiAuthenticator is not working. The traffic sniffer indicates that client traffic is not reaching FortiAuthenticator. Which could be the cause of the problem? (Choose two.)

  • A. Incorrect RADIUS client IP and pre-shared secret
  • B. Group filters on the RADIUS client
  • C. Authentication method on the RADIUS client
  • D. Firewall policies on FortiGate


Answer : A,D

When FortiMail is operating is transparent mode, SMTP sessions are intercepted and scanned based on what criteria?

  • A. The MAIL FROM: sender envelope address.
  • B. The destination IP address.
  • C. The source IP address.
  • D. The RCPT TO: recipient envelope address.


Answer : B

The sender validation techniques SPF and DKIM rely on data provided by what type of entity?

  • A. The upstream MTA
  • B. The sender’s LDAP server
  • C. The sender’s DNS records
  • D. The sender’s email envelope


Answer : C

What statement is true for the self-service portal? (Choose two.)

  • A. Administrator approval is required for all self-registrations
  • B. Self-registration information can be sent to the user through email and SMS
  • C. Realms can be used to configure what self-registered users or groups can access the network
  • D. Users self-register through the social portal splash screen


Answer : A,B

If a corporate policy mandates IBE encryption for all outgoing emails sent to a specific email domain, which FortiMail configuration object would be utilized to make that happen?

  • A. Access delivery rule
  • B. Content action profile
  • C. Security profile
  • D. Session profile


Answer : B

In a server mode config-only cluster, where is the mail data stored? (Choose one.)

  • A. Internal FortiMail appliance storage
  • B. FortiCloud storage
  • C. External NAS storage
  • D. Server mode is not supported with config-only clusters


Answer : C

Which is true regarding Microsoft Office on FortiSandbox?

  • A. Microsoft Word documents (.docx) are not inspected.
  • B. Office 365 files are not supported.
  • C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
  • D. Office 2013 is installed in one of the VMs.


Answer : C

An administrator wants to implement load balancing persistence by configuring the
FortiADC to prefix the server ID to an existing cookie sent by the back-end servers. Which persistence method can the administrator use?

  • A. Persistence cookie
  • B. Insert cookie
  • C. Hash cookie
  • D. Embedded cookie


Answer : D

A device that is 802.1X non-compliant must be connected to the network. Which authentication method can you use to authenticate the device with FortiAuthenticator?

  • A. EAP-TTLS
  • B. EAP-TLS
  • C. PEAP (MSCHAPv2)
  • D. MAC authentication bypass


Answer : D

What is a primary motivating factor for choosing FortiMail transparent mode over server mode or gateway mode?

  • A. Full support for layer 3 IP routing
  • B. No need to change the DNS MX records
  • C. Full IPv6 support
  • D. Increased performance and scalability


Answer : B

Page:    1 / 4   
Exam contains 60 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.