Fortinet Network Security Expert - FortiOS 5.4 Set 1

1.

Under what circumstance would you enable LEARN as the Action on a firewall policy?

You want FortiGate to compile security feature activity from various security-related logs, such as virus and attack logs. You want FortiGate to monitor a specific security profile in a firewall policy, and provide recommendations for that profile. You want to capture data across all traffic and security vectors, and receive learning logs and a report with recommendations. You want FortiGate to automatically modify your firewall policies as it learns your networking behavior.

2.

You are tasked to architect a new IPsec deployment with the following criteria:
- There are two HQ sites that all satellite offices must connect to.
- The satellite offices do not need to communicate directly with other satellite offices.
- No dynamic routing will be used.
- The design should minimize the number of tunnels being configured.
Which topology should be used to satisfy all of the requirements?

Redundant Hub-and-spoke Partial mesh Fully meshed

3.

What step is required to configure an SSL VPN to access to an internal server using port forward mode?

Configure the virtual IP addresses to be assigned to the SSL VPN users. Install FortiClient SSL VPN client Create a SSL VPN realm reserved for clients using port forward mode. Configure the client application to forward IP traffic to a Java applet proxy.

4.

A company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups. What is required in the SSL VPN configuration to meet these requirements?

Two separated SSL VPNs in different interfaces of the same VDOM Different SSL VPN realms for each group Different virtual SSLVPN IP addresses for each group Two firewall policies with different captive portals

5.

How can a browser trust a web-server certificate signed by a third party CA?

The browser must have the CA certificate that signed the web-server certificate installed. The browser must have the web-server certificate installed. The browser must have the private key of CA certificate that signed the web-browser certificate installed. The browser must have the public key of the web-server certificate installed.

Fortinet Network Security Expert - FortiOS 5.4 Set 1

Congratulations

COMPANY

Products

OTHERS

Partner

Fortinet Network Security Expert - FortiOS 5.4 Set 1

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner