Fortinet Network Security Expert 6 v7.0 (NSE6)

Page:    1 / 4   
Total 64 questions

Once defined, an antivirus profile can be activated from which two configuration objects in
FortiMail? (Choose two.)

  • A. IP policy
  • B. Recipient policy
  • C. Security profile
  • D. Content profile


Answer : A,B

For the case of outbound link load balancing, which upstream link is elected by the proximity route dynamic detection feature as the best one for a destination IP address?

  • A. The link with the lowest number of sessions
  • B. The link with the lowest round-trip delay to the destination IP address
  • C. The link with the lowest traffic utilization
  • D. The link with the lowest number of packets lost


Answer : B

Which of these is an OATH-based standard to generate one-time password tokens?

  • A. SCEP
  • B. EAP-TLS
  • C. TOTP
  • D. HOTP


Answer : C

Which methods can be used to submit files to FortiSandbox for inspection? (Choose two.)

  • A. File shares
  • B. FTP upload
  • C. SFTP upload
  • D. JSON API


Answer : A,D

Which of the following statements about layer 2 load balancing are true? (Choose two.)

  • A. HTTP content can be modified.
  • B. Its useful when the real IP addresses of the back-end servers are unknown by the FortiADC administrator.
  • C. Load balancing decisions are made based on the destination MAC address of the client traffic.
  • D. It supports IPv6.


Answer : A,C

RADIUS authentication with FortiAuthenticator is not working. The traffic sniffer indicates that client traffic is not reaching FortiAuthenticator. Which could be the cause of the problem? (Choose two.)

  • A. Incorrect RADIUS client IP and pre-shared secret
  • B. Group filters on the RADIUS client
  • C. Authentication method on the RADIUS client
  • D. Firewall policies on FortiGate


Answer : A,D

When FortiMail is operating is transparent mode, SMTP sessions are intercepted and scanned based on what criteria?

  • A. The MAIL FROM: sender envelope address.
  • B. The destination IP address.
  • C. The source IP address.
  • D. The RCPT TO: recipient envelope address.


Answer : B

The sender validation techniques SPF and DKIM rely on data provided by what type of entity?

  • A. The upstream MTA
  • B. The sender’s LDAP server
  • C. The sender’s DNS records
  • D. The sender’s email envelope


Answer : C

What statement is true for the self-service portal? (Choose two.)

  • A. Administrator approval is required for all self-registrations
  • B. Self-registration information can be sent to the user through email and SMS
  • C. Realms can be used to configure what self-registered users or groups can access the network
  • D. Users self-register through the social portal splash screen


Answer : A,B

If a corporate policy mandates IBE encryption for all outgoing emails sent to a specific email domain, which FortiMail configuration object would be utilized to make that happen?

  • A. Access delivery rule
  • B. Content action profile
  • C. Security profile
  • D. Session profile


Answer : B

In a server mode config-only cluster, where is the mail data stored? (Choose one.)

  • A. Internal FortiMail appliance storage
  • B. FortiCloud storage
  • C. External NAS storage
  • D. Server mode is not supported with config-only clusters


Answer : C

Which is true regarding Microsoft Office on FortiSandbox?

  • A. Microsoft Word documents (.docx) are not inspected.
  • B. Office 365 files are not supported.
  • C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
  • D. Office 2013 is installed in one of the VMs.


Answer : C

An administrator wants to implement load balancing persistence by configuring the
FortiADC to prefix the server ID to an existing cookie sent by the back-end servers. Which persistence method can the administrator use?

  • A. Persistence cookie
  • B. Insert cookie
  • C. Hash cookie
  • D. Embedded cookie


Answer : D

A device that is 802.1X non-compliant must be connected to the network. Which authentication method can you use to authenticate the device with FortiAuthenticator?

  • A. EAP-TTLS
  • B. EAP-TLS
  • C. PEAP (MSCHAPv2)
  • D. MAC authentication bypass


Answer : D

What is a primary motivating factor for choosing FortiMail transparent mode over server mode or gateway mode?

  • A. Full support for layer 3 IP routing
  • B. No need to change the DNS MX records
  • C. Full IPv6 support
  • D. Increased performance and scalability


Answer : B

Page:    1 / 4   
Total 64 questions