FCNSP Sample Exam Questions, Fortinet Practice Exam Demos Free Download

Adobe

Apple

Avaya

BlackBerry

BICSI

Check Point

Cisco

Citrix

CIW

COGNOS

CompTIA

CWNP

EMC

Exam Express

Exin

F5 Networks

Human Resources

IBM

Isaca

ISC

ISEB

Juniper

Lotus

LPI

Microsoft

Network Appliance

Nortel

Oracle

PMI

RedHat

SNIA

Sun

Sybase

Symantec

Teradata

VMware

Fortinet FCNSP Exam - PassITexam.net

Free FCNSP Sample Questions:

Q: 1
FortiGate unit is configured with three Virtual Domains (VDMOs) as illustrated in the exhibit.
(This exhibit is not available in this demo)
Which of the following statements are true if the network administrator wants to route traffic between all the VDOMs? (Select all that apply.)
A. The administrator should configure inter-VDOM links to avoid using external interfaces and routers.
B. As with ail FortiGate unit interfaces, firewall policies must be in place for traffic to be allowed to pass through any Interface, Including iner-VDOM links. This provides the same level of security internally as externally.
C. This configuration requires the use of an external router.
D. Inter-VDOM routing is autornatically provided if all the sublets that need to be routed are locally attached. As each VDOM has an independent routing table, routing rules need to be set (for example, static routing, OOPF) in each VDOM to route traffic between VDOMs.
Answer: D

Q: 2
What advantages are there in using a fully Meshed IPSec VPN configuration instead of a hub and spoke set of IPSec tunnels?
A. Using a hub and spoke topology is required to achieve full redundancy.
B. Using a full mesh topology simplifies configuration.
C. Using a full mesh topology provides stronger encryption.
D. Full mesh topology is the most fault-tolerant configuration.
Answer: B

Q: 3
The FortiGate Server Authentication Extensions (FSAE) provides a single sign on soulution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory.
Which of the following statements are correct regarding FSAE in a Windows domain environment when NTLM is not used? (Select all that apply)
A. An FSAE Collector Agent must be installed on every domain controller.
B. An FSAE Domain ollector Agent must be installed on every domain controller.
C. The FSAE Domain ollector Agent will regularly update user logon information on the FortiGate unit.
D. FSAE Domain ollector Agent will retrieve user information from the the FSAE Domain ollector Agent and will sent the user logon information to the FortiGate unit.
E. For non-domain computers, an FSAE client must be installed on the computer to allow FSAE authentication.
Answer: D

Q: 4
When configuring a server load balanced virtual IP, which of the following is the best distribution algorithm to be used in applications where the same physical destination server must be maintained between sessions?
A. Static
B. Round robin
C. Weighted round robin
D. Least connected
Answer: C

Q: 5
The following diagnostic output is displayed in the CLI:
Diag firewall auth list
Policy id: 9, src: 192.168.3.168, action: timeout: 13427
User: fortielient_chk_only, group:
Flag (80020): auth timeout_ext,flag2 (40): exact
Group id: 0, av group: 0
---- 1 listed, 0 filtered -------
Based on this output, which of the following statements is correct?
A. firewall policy 9 has endpoint compliance enabled but not firewall authentication
B. The client checks that is part of an SSL VPN connection attempt failed.
C. This user has been associated with a guest profile as evidenced by the group id of 0.
D. An suth-keepalive value has been enabled.
Answer: A

Copyright (c) 2001-2011 PassITExam.net®
Best IT Certification Exams Provider - Cheat-Test.com certifysky.com passitexam.com