最新的Fortinet Certification認證 FCNSP.v5考試題庫

問題1

Identify the statement which correctly describes the output of the following command:
diagnose ips anomaly list

A. Lists the configured DoS policy.

B. List the real-time counters for the configured DoS policy.

C. Lists the errors captured when compiling the DoS policy.

正確答案: B

問題2

An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down.
Which of the following statements best describes how to resolve this issue?

A. This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user's web portal.

B. Make sure that only Internet Explorer is used. All other browsers are unsupported.

C. This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface.

D. Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal.

正確答案: C

問題3

What advantages are there in using a fully Meshed IPSec VPN configuration instead of a hub and spoke set of IPSec tunnels?

A. Full mesh topology is the most fault-tolerant configuration.

B. Using a full mesh topology provides stronger encryption.

C. Using a hub and spoke topology is required to achieve full redundancy.

D. Using a full mesh topology simplifies configuration.

正確答案: A

問題4

In a High Availability cluster operating in Active-Active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a subordinate unit?

A. Request: Internal Host; Master FortiGate; Slave FortiGate; Internet; Web Server

B. Request: Internal Host; Slave FortiGate; Master FortiGate; Internet; Web Server

C. Request: Internal Host; Slave FortiGate; Internet; Web Server

D. Request: Internal Host; Master FortiGate; Slave FortiGate; Master FortiGate; Internet; Web Server

正確答案: A

問題5

Examine the Exhibit shown below; then answer the question following it.

The Vancouver FortiGate unit initially had the following information in its routing table:
S 172.20.0.0/16 [10/0] via 172.21.1.2, port2 C 172.21.0.0/16 is directly connected, port2 C 172.11.11.0/24 is directly connected, port1
Afterwards, the following static route was added:
config router static edit 6 set dst 172.20.1.0 255.255.255.0 set pririoty 0 set device port1 set gateway 172.11.12.1
next end
Since this change, the new static route is NOT showing up in the routing table. Given the information provided, which of the following describes the cause of this problem?

A. The 'gateway' IP address is NOT in the same subnet as the IP address of port1.

B. The subnet 172.20.1.0/24 is overlapped with the subnet of one static route that is already in the routing table (172.20.0.0/16), so, we need to enable allow-subnet-overlap first.

C. The static route configuration is missing the distance setting.

D. The priority is 0, which means that the route will remain inactive.

正確答案: A

問題6

A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit.

Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit?

A. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator.

B. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges.

C. The FortiGate unit is being treated as a syslog device and is only permitted to send log data.

D. The FortiGate unit is considered an unregistered device.

正確答案: D

問題7

Which of the following items is NOT a packet characteristic matched by a firewall service object?

A. TCP/UDP source and destination ports

B. IP protocol number

C. TCP sequence number

D. ICMP type and code

正確答案: C

最新的Fortinet Certified Network Security Professional (FCNSP.v5) - FCNSP.v5免費考試真題

最新更新

站內鏈接

聯系我們