考题篇(6.2) 01 ❀ 企业防火墙 ❀ Fortinet 网络安全架构师 NSE７

Posted 2021-06-15 meigang2012

 Which two configuration settings change the behavior for content-inspected traffic while FortiGate is in conserve mode?  (Choose two.) 〖当FortiGate处于保护式时，哪两个配置设置改变了内容检查流量的行为?(选择两个)〗

　　A. IPS failopen  

　　B. mem failopen  

　　C. AV failopen  

　　D. UTM failopen  

　　【分析】

 

　　【答案】A C

 

 Refer to the exhibit, which contains the partial output of a diagnose command. 〖查看下列图片，其中包含诊断命令的部分输出。〗

　　Based on the output, which two statements are correct? (Choose two.) 〖根据输出，哪两条语句是正确的?(选择两个)〗

　　A. Anti-replay is enabled.  

　　B. DPD is disabled.  

　　C. Remote gateway IP is 10.200.4.1.  

　　D. Quick mode selectors are disabled.  

　　【分析】

 

　　【答案】A C

 

 Refer to the exhibit, which contains the output of a diagnose command. 〖查看下列图片，其中包含诊断命令的输出。〗

　　Which two statements regarding the output in the exhibit are true? (Choose two.)  〖关于上图中的输出，哪两个陈述是正确的?(选择两个)〗

　　A. FortiGate will probe 121.111.236.179every fifteen minutes for a response.  〖FortiGate将每15分钟探测121.111.236.179以获取响应。〗

　　B. Servers with a negative TZvalue are experiencing a service outage.  〖TZvalue为负的服务器正在经历服务中断。〗

　　C. Servers with the Dflag are considered to be down.  〖带有Dflag的服务器被认为是关闭的。〗

　　D. FortiGate used 209.222.147.36as the initial server to validate its contract. 〖FortiGate使用209.222.147.36作为初始服务器来验证它的契约。〗

　　【分析】

 

　　【答案】A D

 

 Which two statements about application layer test commands are true? (Choose two.)  〖关于应用层测试命令的哪两条语句是正确的?(选择两个)〗

　　A. They are used to filter real-time debugs.  〖它们被用来过滤实时调试。〗

　　B. They display real-time application debugs.  〖它们显示实时应用程序调试。〗

　　C. Some of them can be used to restart an application.  〖其中一些可用来重新启动应用程序。〗

　　D. Some of them display statistics and configuration information about a feature or process. 〖其中一些显示有关特性或进程的统计信息和配置信息。〗

　　【分析】

 

　　【答案】C D

 

 Refer to the exhibits, which contain configuration on FortiGate and partial session information. 〖查看下列图片，其中包含FortiGate的配置和部分会话信息。〗

　　All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network.  If the priority on route ID 1 were changed from 5to 20, what would happen to traffic matching that user’s session?  〖目前所有访问Internet的流量都从端口1出口。该图显示了来自内部网络上用户的Internet流量的部分会话信息。如果路由ID 1的优先级从5改为20，那么匹配该用户会话的流量会发生什么情况?〗

　　A. The session would remain in the session table, but its traffic would now egress from both port1and port2. 〖会话将保持在会话表中，但是它的流量现在将同时从port1和port2退出。〗

　　B. The session would remain in the session table, and its traffic would still egress from port1. 〖会话将保持在会话表中，其流量仍将从端口1出口。〗

　　C. The session would remain in the session table, and its traffic would start to egress from port2. 〖会话将保持在会话表中，它的流量将从端口2开始输出。〗

　　D. The session would be deleted, so the client would need to start a new session. 〖会话将被删除，因此客户端将需要启动一个新的会话。〗

　　【分析】

 

　　【答案】B

 

 Which three conditions are required for two FortiGate devices to form an OSP adjacency? (Choose three.)  〖两个FortiGate设备要形成OSP邻接关系需要哪三个条件?(选择三个)〗

　　A. OSPF costs match  

　　B. OSPF peer IDs match  

　　C. Hello and dead intervals match  

　　D. OSPF IP MTUs match  

　　E. IP addresses are in the same subnet

　　【分析】

 

　　【答案】C D E

 

 Which two statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)  〖关于使用FortiManager CLI脚本进行批量配置更改的哪两条语句是正确的?(选择两个)〗

　　A. When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate. 〖在设备数据库上执行时，必须使用安装向导将更改应用到被管理的FortiGate。〗

　　B. When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.  〖当在策略包ADOM数据库上执行时，更改将直接应用于被管理的FortiGate。〗

　　C. When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.  〖当在ADOM中的All FortiGate上执行时，更改将自动安装，而不会创建新的修订历史。〗

　　D. When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.  〖当直接在Remote FortiGate上执行时，管理员没有在安装之前检查更改的选项。〗

　　【分析】

 

　　【答案】A D

 

 Refer to the exhibit, which contains a partial output of an IKE real-time debug. 〖查看下列图片，其中包含IKE实时调试的部分输出。〗

　　Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?  〖从调试输出信息可以看出，该VPN的配置中开启了哪一阶段的设置?〗

　　A. auto-discovery-receiver  

　　B. auto-discovery-forwarder  

　　C. auto-discovery-sender  

　　D. auto-discovery-shortcut

　　【分析】

 

　　【答案】C

 

 What is the diagnose test application ipsmonitor99 command used for?  〖diagnose test application ipsmonitor99命令用于什么?〗

　　A. To enable IPS bypass mode  〖启用IPS bypass模式〗

　　B. To provide information regarding IPS sessions  〖提供关于IPS会话的信息〗

　　C. To disable the IPS engine 〖禁用IPS引擎〗

　　D. To restart all IPS engines and monitors 〖重启所有IPS引擎和监控〗

　　【分析】

 

　　【答案】D

 

 Refer to the exhibit, which contains a session table entry. 〖查看下列图片，它包含一个会话表项。〗

　　Which statement about FortiGate inspection of this session is true?  〖关于这次会议的FortiGate检查，哪个说法是正确的?〗

　　A. FortiGate applied proxy-based inspection.  〖FortiGate应用了基于代理的检查。〗

　　B. FortiGate applied flow-based NGFW policy-based inspection.  〖FortiGate应用于NGFW基于流的策略检测。〗

　　C. FortiGate applied flow-based inspection.  〖FortiGate应用基于流量的检测。〗

　　D. FortiGate forwarded this session without any inspection.  〖FortiGate没有进行任何检查就进行了这次会议。〗

　　【分析】

 

　　【答案】A