Fortinet Certified Email Security Professional Set 1

1.

On a FortiMail unit, access control rules specify actions to be taken against matching email messages. Which of the following statements correctly describes the Bypass action?

Accept the email message but skip the MX record lookup. This mail message will be delivered using the configured relay server. Do not deliver the email message. Accept the email message and skip all message scanning, such as antispam and antivirus. Accept the email message and delete it immediately without delivery.

2.

Which of the following FortiMail profile types apply to IP-based policies only?

Session profile Content profile IP pool Antispam profile

3.

According to the Message Header printed below, which antispam technique detected this email as spam:
Return-Path: user1@external.lab

(SquirrelMail authenticated user user1)
by 172.16.78.8 with HTTP;
X-FEAS-HASH: 6ef419f0a0608b1655xxxxe68080df3cb12fc38f1118d2f085985eeb000274d7
Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
Message-ID : <3029.192.168.3.101.1240062786.squirrel@172.16.78.8>
Date : Sat, 18 Apr 2009 15 :53 :06 +0200 (CEST)
Subject: [SPAM] Sales
From: user1@external.lab
To: user1@training1.lab
User-Agent: SquirrelMail/1.4.10a-1.fc6
MIME-Version : 1.0
Content-Type : text/plain ;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Original-To: user1@training1.lab
Delivered-To: user1@training.lab
Received: from fm.sub.training1.lab (fm.sub.training1.lab [192.168.11.101])
by mail.training.lab (Postfix) with ESMTP id A9160187073
for ; Sun, 19 Apr 2009 16:58:48 +0200 (CEST)
Received: from mail.external.lab ([172.16.78.8])
by fm.sub.training1.lab with ESMTP id n3LEPHWu001093
for ; Tue, 21 Apr 2009 10:25:17 -0400
Received: from 172.16.78.8 (localhost [127.0.0.1])
by mail.external.lab (Postfix) with ESMTP id 247D9BF893
for ; Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
Received: from 192.168.3.101

DNSBL scan Dictionary scan Banned Word scan FortiGuard checksum

4.

Which of the following statements is true regarding Session-based antispam techniques?

The entire mail content is inspected. They are enabled in the session profile only. SMTP commands, sender domain and IP address are checked. They are checked after application-based antispam techniques.

5.

Which of the following statements regarding the FortiMail unit's Greylisting feature is NOT correct?

The FortiMail unit tracks the /32 bit host address of the sender. When an email is received from a new sender IP address, envelope sender and envelope recipient addresses, the FortiMail unit will initially send a temporaryfailure message. After the initial temporary fail message is sent, the message must be retransmitted between the Greylisting period expiry and initial expiry time periods. Pass-through is allowed until the configured TTL expires. An ACL with action Relay bypasses Greylisting.

Fortinet Certified Email Security Professional Set 1

Congratulations

COMPANY

Products

OTHERS

Partner

Fortinet Certified Email Security Professional Set 1

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner