Get all latest (August) Fortinet FCNSP.v5 Actual Test 41-50

Ensurepass

 

QUESTION 41

Identify the correct properties of a partial mesh VPN deployment:

 

A.

VPN tunnels interconnect between every single location.

B.

VPN tunnels are not configured between every single location.

C.

Some locations are reached via a hub location.

D.

There are no hub locations in a partial mesh.

 

Correct Answer: BC

 

 

QUESTION 42

In a High Availability cluster operating in Active-Active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a subordinate unit?

 

A.

Request: Internal Host; Master FortiGate; Slave FortiGate; Internet; Web Server

B.

Request: Internal Host; Master FortiGate; Slave FortiGate; Master FortiGate; Internet; Web Server

C.

Request: Internal Host; Slave FortiGate; Internet; Web Server

D.

Request: Internal Host; Slave FortiGate; Master FortiGate; Internet; Web Server

 

Correct Answer: A

 

 

QUESTION 43

Review the output of the command get router info routing-table database shown in the Exhibit below

; then answer the question following it. Which of the following statements are correct regarding this output? (Select all that apply).

 

clip_image002

 

A.

There will be six routes in the routing table.

B.

There will be seven routes in the routing table.

C.

There will be two default routes in the routing table.

D.

There will be two routes for the 10.0.2.0/24 subnet in the routing table.

 

Correct Answer: AC

 

 

QUESTION 44

A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit. Which of the following statements are correct regarding these VDOMs? (Select all that apply.)

 

clip_image004

 

A.

The FortiGate unit supports any combination of these VDOMs in NAT/Route and Transparent modes.

B.

The FortiGate unit must be a model 1000 or above to support multiple VDOMs.

C.

A license had to be purchased and applied to the FortiGate unit before VDOM mode could be enabled.

D.

All VDOMs must operate in the same mode.

E.

Changing a VDOM operational mode requires a reboot of the FortiGate unit.

F.

An admin account can be assigned to one VDOM or it can have access to all three VDOMs.

 

Correct Answer: AF

 

 

QUESTION 45

Bob wants to send Alice a file that is encrypted using public key cryptography. Which of the following statements is correct regarding the use of public key cryptography in this scenario?

 

A.

Bob will use his private key to encrypt the file and Alice will use her private key to decrypt the file.

B.

Bob will use his public key to encrypt the file and Alice will use Bob’s private key to decrypt the file.

C.

Bob will use Alice’s public key to encrypt the file and Alice will use her private key to decrypt the file.

D.

Bob will use his public key to encrypt the file and Alice will use her private key to decrypt the file.

E.

Bob will use Alice’s public key to encrypt the file and Alice will use Bob’s public key to decrypt the file.

 

Correct Answer: C

 

 

 

 

 

 

QUESTION 46

Which of the following items are considered to be advantages of using the application control features on the FortiGate unit?

 

Application control allows an administor to:

 

A.

set a unique session-ttl for select applications.

B.

customize application types in a similar way to adding custom IPS signatures.

C.

check which applications are installed on workstations attempting to access the network.

D.

enable AV scanning per application rather than per policy.

 

Correct Answer: A

 

 

QUESTION 47

An administrator wishes to generate a report showing Top Traffic by service type, but wants to exclude SMTP traffic from the report. Which of the following statements best describes how to do this?

 

A.

In the Service field of the Data Filter, type 25/smtp and select the NOT checkbox.

< p class="MsoNormal" style="margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-layout-grid-align: none" align="left">B.

Add the following entry to the Generic Field section of the Data Filter: service=”!smtp”.

C.

When editing the chart, uncheck mlog to indicate that Mail Filtering data is being excluded when generating the chart.

D.

When editing the chart, enter ‘dns’ in the Exclude Service field.

 

Correct Answer: A

 

 

QUESTION 48

If Open Shortest Path First (OSPF) has already been configured on a FortiGate unit, which of the following statements is correct if the routes learned through OSPF need to be announced by Border Gateway Protocol (BGP)?

 

A.

The FortiGate unit will automatically announce all routes learned through OSPF to its BGP peers if the FortiGate unit is configured as an OSPF Autonomous System Boundary Router (ASBR).

B.

The FortiGate unit will automatically announce all routes learned through OSPF to its BGP peers if the FortiGate unit is configured as an OSPF Area Border Router (ABR).

C.

At a minimum, the network administrator needs to enable Redistribute OSPF in the BGP settings.

D.

The BGP local AS number must be the same as the OSPF area number of the routes learned that need to be redistributed into BGP.

E.

By design, BGP cannot redistribute routes learned through OSPF.

 

Correct Answer: C

 

 

 

 

 

 

 

 

 

 

 

QUESTION 49

The diag sys session list command is executed in the CLI. The output of this command is shown in the exhibit. Based on the output from this command, which of the following statements is correct?

 

clip_image005

 

A.

This is a UDP session.

B.

Traffic shaping is being applied to this session.

C.

This is an ICMP session.

D.

This traffic has been authenticated.

E.

This session matches a firewall policy with ID 5.

 

Correct Answer: B

 

 

QUESTION 50

When performing a log search on a FortiAnalyzer, it is generally recommended to use the Quick Search option. What is a valid reason for using the Full Search option, instead?

 

A.

The search items you are looking for are not contained in indexed log fields.

B.

A quick search only searches data received within the last 24 hours.

C.

You want the search to include the FortiAnalyzer’s local logs.

D.

You want the search to include content archive data as well.

 

Correct Answer: A

 

Free VCE & PDF File for Fortinet FCNSP.v5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in FCNSP.v5 Real Exam (August) and tagged , , , , , , . Bookmark the permalink.