Fortinet Certified Network Security Professional Set 3

1.

An administrator configures a VPN and selects the Enable IPSec Interface Mode option in the phase 1 settings. Which of the following statements are correct regarding the IPSec VPN configuration?

To complete the VPN configuration, the administrator must manually create a virtual IPSec interface in Web Config under System > Network.

The virtual IPSec interface is automatically created after the phase1 configuration. The IPSec policies must be placed at the top of the list. This VPN cannot be used as part of a hub and spoke topology. Routes were automatically created based on the address objects in the firewall policies.

2.

What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a fully- meshed set of IPSec tunnels? (Select all that apply.)

Using a hub and spoke topology is required to achieve full redundancy. Using a hub and spoke topology simplifies configuration. Using a hub and spoke topology provides stronger encryption. Using a hub and spoke topology reduces the number of tunnels.

3.

What advantages are there in using a fully Meshed IPSec VPN configuration instead of a hub and spoke set of IPSec tunnels?

Using a hub and spoke topology is required to achieve full redundancy. Using a full mesh topology simplifies configuration. Using a full mesh topology provides stronger encryption. Full mesh topology is the most fault-tolerant configuration.

Fortinet Certified Network Security Professional Set 3

Congratulations

COMPANY

Products

OTHERS

Partner

Fortinet Certified Network Security Professional Set 3

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner