Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium Fortinet EMEA-Advanced-Support Dumps Questions Answers

Fortinet EMEA Advanced Support Exam Questions and Answers

Question 1

Which of these BGP paths will be the preferred one ?

Options:

A.

Prefer External path (learned via EBGP) over Internal path (IBGP)

B.

Prefer the path with the shortest AS Path

C.

Prefer the path with the lowest Multi-Exit Discriminator (MED)

D.

Prefer the path with the highest Local Preference value

Buy Now
Question 2

What are the advantages of using a hub-and-spoke IPSec VPN configuration instead of a fully-meshed set of IPSec tunnels? (Select all that apply below)

Options:

A.

Using a hub and spoke topology is required to achieve full redundancy.

B.

Using a hub and spoke topology simplifies configuration because fewer tunnels are required.

C.

Using a hub and spoke topology provides stronger encryption.

D.

The routing table management is simpler because of fewer routes compared to a fully meshed node.

Question 3

A Company is running an outdated version of a Webserver software that is vulnerable to multiple code execution and injection attacks. Which Security feature can protect the Webserver until the security patches are applied?

Options:

A.

Anti-virus Protection

B.

Intrusion Detection System

C.

Intrusion Prevention System

D.

Anti rootkit Protection

Question 4

What is the role of the FortiGate ‘set srcintf’ command in a firewall policy?

Options:

A.

Specifies the source interface for traffic matching

B.

Defines the destination interface for traffic

C.

Sets the source IP address range

D.

Configures the source NAT interface

Question 5

Client is connected to firewall via link with MTU 1500 bytes, server is connected to firewall via link with MTU 1496 bytes. The firewall is rewriting both sender and receiver tcp-mss to 1450 bytes. What maximum size of IP packets are we going to see when client connects to server?

Options:

A.

1500 bytes

B.

1496 bytes

C.

1500 bits

D.

1496 bits

E.

1450 bytes

F.

1450 bits

Question 6

TCP protocol can be used for data delivery via multicast

Options:

A.

Yes

B.

No

Question 7

In a FortiGate high availability (HA) cluster, what happens if the primary unit fails?

Options:

A.

The cluster is disabled, and traffic stops

B.

A secondary unit takes over as the primary unit

C.

The cluster switches to active-passive mode

D.

Traffic is rerouted through an external gateway

Question 8

Which FortiGate feature allows for dynamic routing protocol updates to be propagated through an IPsec VPN tunnel?

Options:

A.

Auto Discovery VPN (ADVPN)

B.

Dynamic Routing Gateway

C.

Virtual Routing and Forwarding (VRF)

D.

Route-based VPN

Question 9

Firewall is performing stateful inspection for TCP traffic between Client 10.0.0.21 and Server 172.16.1.200.

Options:

A.

The ACK was not supposed to be sent to client 10.0.0.21

B.

Traffic is Asymmetric and not allowed by the Firewall

C.

Traffic should be allowed

D.

Three way handshake was not completed

Question 10

Hybrid cloud means that

Options:

A.

The cloud provider uses AMD, Intel and possibly also other CPU vendors

B.

Some of the customer's systems are virtualized in the public cloud and some are in the local datacenter

C.

One customer uses VMs with multiple different operating systems in the same cloud account

D.

Cloud provider provides both 32-bit and 64-bit virtual machines

Question 11

Link aggregation allows network devices to________

Options:

A.

Increase bandwidth of an interface

B.

Increase bandwidth by binding physical interfaces into a single channel

C.

Restrict the bandwidth

D.

None of the above

Question 12

In FortiGate, what is the purpose of the ‘set webfilter-profile’ command in a firewall policy?

Options:

A.

Applies a web filtering profile to block or allow URLs

B.

Enables deep packet inspection for web traffic

C.

Configures the web proxy settings

D.

Sets the web server authentication profile

Question 13

What does the below route indicate?

Options:

A.

The destination network can be reached via any gates

B.

It is a dummy route in the routing table

C.

The destination network is locally connected on that interface

D.

The device does not know the destination

Question 14

Which Router in an OSPF Domain sends a Type-4 Summary LSA

Options:

A.

ABR

B.

ASBR

C.

All OSPF Routers

D.

Stub Routers only

Question 15

Which of the following is a network monitoring protocol?

Options:

A.

RDP

B.

Telnet

C.

SNMP

D.

SSH