Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

NSE4 > ET Questions > Flashcards

ET Questions Flashcards

1
Q

Qual è il comando per sincronizzare gli oggetti dei FortiGate nella security Fabric

A

set fabric-object unification default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Come si chiamano i log del traffico verso il management ip del firewall?

A

local traffic logs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

cosa indica l’azione visibile su ogni singola signature della lista nella lista di signature nell’application override

A

L’azione di default applicata da FortiGuard a quella signature

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Che modalità di esecuzione hanno le azioni indicato in un stitch della security fabric?

A

Possono essere eseguiti in parallelo o serie

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Che limiti hanno gli inter VDOM link per vdom NAT e Transparent mode?

A

Gli interVDOM link non esistono tra due VDOM transparent ma sono configurabili tra un Transparent e un NAT e tra due NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Come si dividono le policy in base all’ID mostrato nel diagnose firewall proute list?

A

ID <= 65535 then its a regular policy route
ID >= 65535 without vwl_service field then it is ISDB route
ID >=65535 with vwl_service field then it is SD-WAN rule

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Che comando viene utilizzato per far usare a fortigate un protocollo non sicuro per gli update da fortiguard per web filtering live?

A

set fortiguard-anycast disable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Come vengono assegnati i port block nel nat port-block allocation?

A

first-come first-served

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Why enabling match vip in a policy

A

To match a vip ip address even without having the vip object as destination of the policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Che traffico gestisce il VDOM di management?

A

DNS e FortiGuard web filter queries

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

UUID policy di implicit deny

A

0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What’s the effect on enabling auto negotiation on phase 2 del IPSec tunnel

A

It negotiates new SAs before old SAs expires and the tunnel comes up and stays up even with no activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What’s the order on web filtering in the HTTPS inspection process

A

Static URL filter, Fortiguard web filter, advanced filter (safe search, web content replacement…)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does FGCP look for the primary HA election with HA override disabled?

A

Monitored interfaces, HA Uptime, priority e serial number

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Where fortigate gets the hostname of the SSL server during inspection?

A

SNI (Server name indication) extension in client hello message
Subject field in server certificate
SAN (Subject alternative name) in the certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is used to authenticate with the same FortiToken on multiple FortiGate

A

FortiAuthenticator

NSE4 (19 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions