Ensurepass

QUESTION 54 (Topic 2)

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?

A. TCP connection
B. File attachments
C. Message headers
D. Message body

Answer: A

QUESTION 55 (Topic 2)

An administrator is examining the attack logs and notices the following entry:

type=ips subtype=signature pri=alert vd=root serial=1995 attack_id=103022611 src=69.45.64.22 dst=192.168.1.100 src_port=80 dst_port=4887 src_int=wlan dst_int=internal status=detected proto=6 service=4887/tcp user=N/A group=N/A msg=web_client: IE.IFRAME.BufferOverflow.B

Based on the information displayed in this entry, which of the following statements are correct? (Select all that apply.)

A. This is an HTTP server attack.
B. The attack was detected and blocked by the FortiGate unit.
C. The attack was against a FortiGate unit at the 192.168.1.100 IP address.
D. The attack was detected and passed by the FortiGate unit.

Answer: CD

QUESTION 56 (Topic 2)

When the SSL proxy inspects the server certificate for Web Filtering only in SSL Handshake mode, which certificate field is being used to determine the site rating?

A. Common Name
B. Organization
C. Organizational Unit
D. Serial Number
E. Validity

Answer: A

QUESTION 57 (Topic 2)

Which of the following statements is correct based on the firewall configuration illustrated in the exhibit?

[Exhibit: clip_image002]

A. A user can access the Internet using only the protocols that are supported by user authentication.
B. A user can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP. These require authentication before the user will be allowed access.
C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access any services.
D. A user cannot access the Internet using any protocols unless the user has passed firewall authentication.

Answer: D

QUESTION 58 (Topic 2)

A static route is configured for a FortiGate unit from the CLI using the following commands:

config router static
    edit 1
        set device "wan1"
        set distance 20
        set gateway 192.168.100.1
    next
end

Which of the following conditions is NOT required for this static default route to be displayed in the FortiGate unit's routing table?

A. The Administrative Status of the wan1 interface is displayed as Up.
B. The Link Status of the wan1 interface is displayed as Up.
C. All other default routes should have an equal or higher distance.
D. You must disable DHCP client on that interface.

Answer: D

QUESTION 59 (Topic 2)

Which of the following statements best describes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?

A. The proxy buffers the entire file from the client, only sending the file to the server if the file is clean. One possible consequence of buffering is that the server could time out.
B. The proxy sends the file to the server while simultaneously buffering it.
C. The proxy removes the infected file from the server by sending a delete command on behalf of the client.
D. If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server.

Answer: A

QUESTION 60 (Topic 2)

Which of the following must be configured on a FortiGate unit to redirect content requests to remote web cache servers?

A. WCCP must be enabled on the interface facing the Web cache.
B. You must enable explicit Web-proxy on the incoming interface.
C. WCCP must be enabled as a global setting on the FortiGate unit.
D. WCCP must be enabled on all interfaces on the FortiGate unit through which HTTP traffic is passing.

Answer: A

QUESTION 61 (Topic 2)

Which of the following statements correctly describes the deepscan option for HTTPS?

A. When deepscan is disabled, only the web server certificate is inspected; no decryption of content occurs.
B. Enabling deepscan will perform further checks on the server certificate.
C. Deepscan is only applicable to mail protocols, where all IP addresses in the header are checked.
D. With deepscan enabled, archived files will be decompressed before scanning for a more comprehensive file inspection.

Answer: A

QUESTION 62 (Topic 2)

A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity.

The following troubleshooting commands are executed from the CLI:

user1 # get system interface
== [ internal ]
name: internal mode: static ip: 10.0.1.254 255.255.255.128 status: up netbios-forward: disable type: physical mtu-override: disable
== [ vlan1 ]
name: vlan1 mode: static ip: 10.0.1.1 255.255.255.128 status: up netbios-forward: disable type: vlan mtu-override: disable

user1 # get router info routing-table all
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
S 10.0.0.0/8 [10/0] is a summary, Null
C 10.0.1.0/25 is directly connected, vlan1
C 10.0.1.128/25 is directly connected, internal

user1 # diagnose debug flow trace start 100
user1 # diagnose debug ena
user1 # diagnose debug flow filter daddr 10.0.1.1 10.0.1.1
id=20085 trace_id=277 msg="vd-root received a packet(proto=6, 10.0.1.130:47922->10.0.1.1:443) from internal."
id=20085 trace_id=277 msg="allocate a new session-00000b21"
id=20085 trace_id=277 msg="iprope_in_check() check failed, drop"

Based on the output from these commands, which of the following is a possible cause of the problem?

A. The FortiGate unit has no route back to the PC.
B. The PC has an IP address in the wrong subnet.
C. The PC is using an incorrect default gateway IP address.
D. There is no firewall policy allowing traffic from INTERNAL -> VLAN1.

Answer: D

QUESTION 63 (Topic 2)

A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity.

The following troubleshooting commands are executed from the DOS prompt on the PC and from the CLI.

C:>ping 10.0.1.1
Pinging 10.0.1.1 with 32 bytes of data:
Reply from 10.0.1.1: bytes=32 time=1ms TTL=255
Reply from 10.0.1.1: bytes=32 time<1ms TTL=255
Reply from 10.0.1.1: bytes=32 time<1ms TTL=255
Reply from 10.0.1.1: bytes=32 time<1ms TTL=255

user1 # get system interface
== [ internal ]
name: internal mode: static ip: 10.0.1.254 255.255.255.128 status: up netbios-forward: disable type: physical mtu-override: disable
== [ vlan1 ]
name: vlan1 mode: static ip: 10.0.1.1 255.255.255.128 status: up netbios-forward: disable type: vlan mtu-override: disable

user1 # diagnose debug flow trace start 100
user1 # diagnose debug ena
user1 # diagnose debug flow filter daddr 10.0.1.1 10.0.1.1
id=20085 trace_id=274 msg="vd-root received a packet(proto=6, 10.0.1.130:47927->10.0.1.1:443) from internal."
id=20085 trace_id=274 msg="allocate a new session-00000b1b"
id=20085 trace_id=274 msg="find SNAT: IP-10.0.1.1, port-43798"
id=20085 trace_id=274 msg="iprope_in_check() check failed, drop"

Based on the output from these commands, which of the following explanations is a possible cause of the problem?

A. The FortiGate unit has no route back to the PC.
B. The PC has an IP address in the wrong subnet.
C. The PC is using an incorrect default gateway IP address.
D. The FortiGate unit does not have the HTTPS service configured on the VLAN1 interface.
E. There is no firewall policy allowing traffic from INTERNAL -> VLAN1.

Answer: D

Free VCE & PDF File for Fortinet FCNSP.v5 Real Exam
