EMT Practice Test

1. Question Content...


Question List

Question1: An administrator is using the FortiGate built-in sniffer to capture HTTP traffic between a client and a server, however, the sniffer output shows only the packets related with TCP session setups and disconnections.
Why?

Question2: What are the purposes of NAT traversal in IPsec? (Choose two.)

Question3: Which of the following statements about advanced AD access mode for FSSO collector agent are true?
(Choose two.)

Question4: View the Exhibit.

The administrator needs to confirm that FortiGate 2 is properly routing that traffic to the 10.0.1.0/24 subnet.
The administrator needs to confirm it by sending ICMP pings to FortiGate 2 from the CLI of FortiGate 1.
What ping option needs to be enabled before running the ping?

Question5: Why must you use aggressive mode when a local FortiGate IPsec gateway hosts multiple dialup tunnels?

Question6: View the Exhibit.

Which statements are correct based on this output? (Choose two.)

Question7: How does FortiGate verify the login credentials of a remote LDAP user?

Question8: Which statements about high availability (HA) for FortiGates are true? (Choose two.)

Question9: What FortiGate feature can be used to allow IPv6 clients to connect to IPv4 servers?

Question10: An administrator has created a custom IPS signature. Where does the custom IPS signature have to be applied?

Question11: View the exhibit.

When Role is set to Undefined, which statement is true?

Question12: When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?

Question13: View the exhibit.

What is the effect of the Disconnect Cluster Member operation as shown in the exhibit? (Choose two.)

Question14: Examine this output from a debug flow:

Which statements about the output are correct? (Choose two.)

Question15: Which statements correctly describe transparent mode operation? (Choose three.)

Question16: View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com(Addicting.Games).
Based on this configuration, which statement is true?

Question17: Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

Question18: Which statements about FortiGate inspection modes are true? (Choose two.)

Question19: What is FortiGate's behavior when local disk logging is disabled?

Question20: In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?

Question21: An administrator needs to inspect all web traffic (including Internet web traffic) coming from users connecting to SSL VPN. How can this be achieved?

Question22: An administrator observes that the port1interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

Question23: Which component of FortiOS performs application control inspection?

Question24: Which traffic sessions can be offloaded to a NP6 processor? (Choose two.)

Question25: Which statements about One-to-One IP pool are true? (Choose two.)

Question26: View the exhibit.

This is a sniffer output of a telnet connection request from 172.20.120.186 to the port1interface of FGT1.

In this scenario. FGT1 has the following routing table:

Assuming telnet service is enabled for port1, which of the following statements correctly describes why FGT1 is not responding?

Question27: Which configuration objects can be selected for the Source filed of a firewall policy? (Choose two.)

Question28: Which file names will match the *.tiff file name pattern configured in a data leak prevention filter? (Choose two.)

Question29: View the exhibit.


Which of the following statements are correct? (Choose two.)

Question30: An administrator has blocked Netflix login in a cloud access security inspection (CASI) profile. The administrator has also applied the CASI profile to a firewall policy.
What else is required for the CASI profile to work properly?

Question31: When using WPAD DNS method, what is the FQDN format that browsers use to query the DNS server?

Question32: Which statements about IP-based explicit proxy authentication are true? (Choose two.)

Question33: Examine the exhibit, which contains a virtual IP and a firewall policy configuration.

The WAN(port1) interface has the IP address 10.200.1.1/24. The LAN(port2) interface has the IP address
10.0.1.254/24.
The top firewall policy has NAT enabled using outgoing interface address. The second firewall policy configured with a virtual IP (VIP) as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Question34: Which statements about antivirus scanning using flow-based full scan are true? (Choose two.)

Question35: View the exhibit.

Based on this output, which statements are correct? (Choose two.)

Question36: Examine the following interface configuration on a FortiGate in transparent mode:

Which statement about this configuration is correct?

Question37: Which statement is true regarding the policy ID numbers of firewall policies?

Question38: How can you format the FortiGate flash disk?

Question39: What information is flushed when the chunk-sizevalue is changed in the config dlp settings?

Question40: How can a browser trust a web-server certificate signed by a third party CA?

Question41: Which statement about data leak prevention (DLP) on a FortiGate is true?

Question42: An administrator has configured a route-based IPsec VPN between two FortiGates. Which statement about this IPsec VPN configuration is true?

Question43: An administrator has enabled proxy-based antivirus scanning and configured the following settings:

Which statement about the above configuration is true?

Question44: Examine this PAC file configuration.

Which of the following statements are true? (Choose two.)

Question45: An administrator wants to configure a FortiGate as a DNS server. The FortiGate must use its DNS database first, and then relay all irresolvable queries to an external DNS server. Which of the following DNS method must you use?

Question46: How do you configure inline SSL inspection on a firewall policy? (Choose two.)

Question47: How do you configure a FortiGate to do traffic shaping of P2P traffic, such as BitTorrent?

Question48: Which statement about the FortiGuard services for the FortiGate is true?

Question49: Which statement about the firewall policy authentication timeout is true?

Question50: How does FortiGate look for a matching firewall policy to process traffic?

Question51: Which of the following statements describe WMI polling mode for FSSO collector agent? (Choose two.)

Question52: Under what circumstance would you enable LEARN as the Action on a firewall policy?

Question53: Examine this output from the diagnose sys topcommand:

Which statements about the output are true? (Choose two.)

Question54: Which of the following settings and protocols can be used to provide secure and restrictive administrative access to FortiGate? (Choose three.)

Question55: Which of the following statements about central NAT are true? (Choose two.)

Question56: An administrator has configured two VLAN interfaces:

A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface.
However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?

Question57: What inspections are executed by the IPS engine? (Choose three.)

Question58: What statement describes what DNS64 does?

Question59: A FortiGate is operating in NAT/Route mode and configured with two virtual LAN (VLAN) sub-interfaces added to the same physical interface.
Which statement about the VLAN IDs in this scenario is true?

Question60: What does the command diagnose debuf fsso-polling refresh-user do?

Question61: What traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

Question62: Which statements about an IPv6-over-IPv4 IPsec configuration are correct? (Choose two.)

Question63: An administrator has enabled the DHCP Server on the port1 interface and configured the following based on the exhibit.

Which statement is correct based on this configuration?

Question64: Which of the following statements are true when using Web Proxy Auto-discovery Protocol (WPAD) with the DHCP discovery method? (Choose two.)

Question65: Which of the following statements about NTLM authentication are correct? (Choose two.)

Question66: View the exhibit.

When a user attempts to connect to an HTTPS site, what is the expected result with this configuration?

Question67: What methods can be used to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)

Question68: If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does the FortiGate take?

Question69: An administrator wants to create a policy-based IPsec VPN tunnel between two FortiGate devices.
Which configuration steps must be performed on both units to support this scenario? (Choose three.)

Question70: View the exhibit.

Which statements about the exhibit are true? (Choose two.)

Question71: Which of the following statements about the FSSO collector agent timers is true?

Question72: An administrator needs to offload logging to FortiAnalyzer from a FortiGate with an internal hard drive.
Which statements are true? (Choose two.)

Question73: An administrator has configured a dialup IPsec VPN with XAuth. Which method statement best describes this scenario?

Question74: View the example routing table.

Which route will be selected when trying to reach 10.20.30.254?

Question75: An administrator has configured the following settings:

What does the configuration do? (Choose two.)

Question76: View the exhibit.

The client cannot connect to the HTTP web server. The administrator run the FortiGate built-in sniffer and got the following output:

What should be done next to troubleshoot the problem?

Question77: How does FortiGate select the central SNAT policy that is applied to a TCP session?

Question78: Which of the following statements about policy-based IPsec tunnels are true? (Choose two.)

Question79: An administrator needs to be able to view logs for application usage on your network. What configurations are required to ensure that FortiGate generates logs for application usage activity? (Choose two.)

Question80: A company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups.
What is required in the SSL VPN configuration to meet these requirements?

Question81: You are tasked to architect a new IPsec deployment with the following criteria:
- There are two HQ sites that all satellite offices must connect to.
- The satellite offices do not need to communicate directly with other satellite offices.
- No dynamic routing will be used.
- The design should minimize the number of tunnels being configured.
Which topology should be used to satisfy all of the requirements?

Question82: Which traffic inspection features can be executed by a security processor (SP)? (Choose three.)

Question83: Examine the exhibit.

A client workstation is connected to FortiGate port2. The Fortigate port1 is connected to an ISP router.
Port2 and port3 are both configured as a software switch.
What IP address must be configured in the workstation as the default gateway?

Question84: What step is required an SSL VPN to access to an internal server using port forward mode?

Question85: A FortiGate interface is configured with the following commands:

What statements about the configuration are correct? (Choose two.)

Question86: Examine the routing database.

Which of the following statements are correct? (Choose two.)