Get all latest (August) Fortinet FCNSP.v5 Actual Test 31-40

Ensurepass

 

QUESTION 31

In HA, what is the effect of the Disconnect Cluster Member command as given in the Exhibit.

 

clip_image002

 

A.

The HA mode changes to standalone.

B.

Port3 is configured with an IP address for management access.

C.

The Firewall rules are purged on the disconnected unit.

D.

All other interface IP settings are maintained.

 

Correct Answer: AB

 

 

QUESTION 32

Review the output of the command config router ospf shown in the Exhibit below; then answer the question following it. Which one of the following statements is correct regarding this output?

 

clip_image004

 

A.

OSPF Hello packets will only be sent on interfaces configured with the IP addresses 172.16.1.1 and 172.16.1.2.

B.

OSPF Hello packets will be sent on all interfaces of the FortiGate device.

C.

OSPF Hello packets will be sent on all interfaces configured with an address matching the 10.0.1.0/24 and 172.16.0.0/12 networks.

D.

OSPF Hello packets are not sent on point-to-point networks.

 

Correct Answer: C

 

 

QUESTION 33

Which of the following statements are correct about the HA diag command diagnose sys ha reset-uptime? (Select all that apply.)

 

A.

The device this command is executed on is likely to switch from master to slave status if master override is disabled.

B.

The device this command is executed on is likely to switch from master to slave status if master override is enabled.

C.

This command has no impact on the HA algorithm.

D.

This command resets the uptime variable used in the HA algorithm so it may cause a new master to become elected.

 

Correct Answer: AD

 

 

QUESTION 34

In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate unit when searching for a suitable gateway?

 

A.

A look-up is done only when the first packet coming from the client (SYN) arrives.

B.

A look-up is done when the first packet coming from the client (SYN) arrives, and a second is performed when the first packet coming from the server (SYNC/ACK) arrives.

C.

A look-up is done only during the TCP 3-way handshake (SYNC, SYNC/ACK, ACK).

D.

A look-up is always done each time a packet arrives, from either the server or the client side.

 

Correct Answer: B

 

 

QUESTION 35

FSSO provides a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory. Which of the following statements are correct regarding FSSO in a Windows domain environment when NTLM and Polling Mode are not used? (Select all that apply.)

 

A.

An FSSO Collector Agent must be installed on every domain controller.

B.

An FSSO Domain Controller Agent must be installed on every domain controller.

C.

The FSSO Domain Controller Agent will regularly update user logon information on the FortiGate unit.

D.

The FSSO Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit.

E.

For non-doma

in computers, the only way to allow FSSO authentication is to install an FSSO client.

 

Correct Answer: BD

QUESTION 36

The eicar test virus is put into a zip archive, which is given the password of “Fortinet” in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows. Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol?

 

Exhibit A – Antivirus Profile:

clip_image006

 

Exhibit B – Non-default UTM Proxy Options Profile:

clip_image008

 

Exhibit C – DLP Profile:

clip_image010

 

A.

Only Exhibit A

B.

Only Exhibit B

C.

Only Exhibit C with default UTM Proxy settings.

D.

All of the Exhibits (A, B and C)

E.

Only Exhibit C with non-default UTM Proxy settings (Exhibit B).

 

Correct Answer: C

 

 

QUESTION 37

Examine the Exhibits shown below, then answer the question that follows. An MP3 file is renamed to `workbook.exe’ and put into a ZIP archive. It is then sent through the FortiGate device over HTTP. It is intercepted and processed by the configuration shown in the above Exhibits 1-4. Assuming the file is not too large for the File scanning threshold, what action will the FortiGate unit take?

 

Review the following DLP Sensor (Exhibit 1):

clip_image012

 

Review the following File Filter list for rule #1 (Exhibit 2):

clip_image014

 

Review the following File Filter list for rule #2 (Exhibit 3):

clip_image016

 

Review the following File Filter list for rule #3 (Exhibit 4):

clip_image018

 

A.

The file will be detected by rule #1 as an `Audio (mp3)’, a log entry will be created and it will be allowed to pass through.

B.

The file will be detected by rule #2 as a “*.exe”, a log entry will be created and the interface that received the traffic will be brought down.

C.

The file will be detected by rule #3 as an Archive(zip), blocked, and a log entry will be created.

D.

Nothing, the file will go undetected.

 

Correct Answer: A

 

 

QUESTION 38

Review the IPsec diagnostics output of the command diag vpn tunnel list shown in the Exhibit below. Which of the following statements are correct regarding this output? (Select all that apply.)

 

clip_image020

 

A.

The connecting client has been allocated address 172.20.1.1.

B.

In the Phase 1 settings, dead peer detection is enabled.

C.

The tunnel is idle.

D.

The connecting client has been allocated address 10.200.3.1.

 

Correct Answer: AB

 

 

QUESTION 39

Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of ‘diag sys session stat’ for the STUDENT device. Exhibit B shows the command output of ‘diag sys session stat’ for the REMOTE device. Given the information provided in the exhibits, which of the following statements are correct? (Select all that apply.)

 

Exhibit A:

clip_image022

Exhibit B:

clip_image024

 

A.

STUDENT is likely to be the master device.

B.

Session-pickup is likely to be enabled.

C.

The cluster mode is definitely Active-Passive.

D.

There is not enough information to determine the cluster mode.

 

Correct Answer: AD

 

 

QUESTION 40

Examine the following log message for IPS and identify the valid responses below. (Select all that apply.)

 

2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity=”critical” src=”192.168.3.168″ dst=”192.168.3.170″ src_int=”port2″ serial=0 status=”detected” proto=1 service=”icmp” count=1 attack_name=”icmp_flood” icmp_id=”0xa8a4″ icmp_type=”0x08″ icmp_code=”0x00″ attack_id=16777316 sensor=”1″ ref=”http://www.fortinet.com/ids/VID16777316″ msg=”anomaly: icmp_flood, 51 > threshold 50″

 

A.

The target is 192.168.3.168.

B.

The target is 192.168.3.170.

C.

The attack was detected and blocked.

D.

The attack was detected only.

E.

The attack was TCP based.

 

Correct Answer: BD

 

Free VCE & PDF File for Fortinet FCNSP.v5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in FCNSP.v5 Real Exam (August) and tagged , , , , , , . Bookmark the permalink.