QUESTION 51 Exhibit   1. Monitor port priority.   2. Age.   3. Unit Priority.   4. Serial number   What is the correct match order to choose a cluster master?   A. 1 , 2 , 3 , 4 B. 1 , 3 , 2 , 4 C. 2 , 1 , 3 , 4 D. 2 , 4 , 1 , 3 E. 4 , 1 , 3 , 2   Answer: A     QUESTION 52 Exhibit   1.Create internal lan ip address   2.Create remote lan private ip address   3.Define remote gateway ip address   4.Define
QUESTION 61 Exhibit   1. Outbound encrypt policy.   2. Inbound encrypt policy.   3) Default non-encrypt policy.   What is the correct order of the recommend policy order of spoke Fortigate unit in   hub & spoke environment?   A. 1 , 2 , 3 B. 2 , 1 , 3 C. 2 , 3 , 1 D. 3 , 2 , 1   Answer: A     QUESTION 62 Which of the following ensure that the routing information is reliable ?   A. key-chain list B. access-list
QUESTION 31 What is the valid IPS option? Select all that apply.   A. IPS signature B. IPS anomaly C. IPS engine D. IPS list   Answer: AB Explanation: Valid IPS options are IPS Signature and IPS anomaly. Not D IPS list do not exist     QUESTION 32 Which of the following default factory setting is true about Fortigate unit? Select all   that apply.   A. internal /24 ; http , https , ping , ssh access is enabled B. external
QUESTION 41 Which of the following greatest impact the security of VPN tunnel   A. aggressive mode B. main mode C. short keep alive D. key life based on bytes rather than seconds E. PFS F. use fewer proposals for encryption and authentication   Answer: A     QUESTION 42 Which one is the most efficient way to block MSN traffic by Fortigate unit ?   A. Use IPS module by applying protection profile B. Use Antivirus engine C. Use
QUESTION 21 What is the valid ipsec phase 2 option? Select all that apply.   A. des B. 3des C. md5 D. sha1   Answer: CD     QUESTION 22   Which of the following Traffic shaping parameter can be configured? Select all that   apply.   A. schedule B. traffic priority C. max bandwidth D. guarantee bandwidth   Answer: BCD     QUESTION 23 It has been decided that Key-Chain will be used in your corporate enterprise
QUESTION 11 The following type of malware spread itself through network ?   A. worm B. trujan C. download D. exploit E. phish   Answer: A     QUESTION 12 Which of the following firmware upgrade method will cause configuration reset?   A. WebUI B. CLI C. Fortimanager D. interrupt booting procedure by CLI   Answer: D     QUESTION 13 Default radius port can be changed ?   A. True B. False   Answer:
Exam A   QUESTION 1 How many network segments can be connected to FortiGate unit to control traffic   between these network segments when using transparent mode   A. 1 B. 2 C. 3 D. 4 E. 5   Answer: C     QUESTION 2 Which of the following predefined dissector signature have configurable   parameter? Select all that apply.   A. http header B. IM C. P2P D. rpc decoder E. cp-reassemble   Answer: ABCDE