EMT Practice Test

1. Question Content...


Question List

Question1: Refer to the exhibit.




The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).
Central NAT is enabled, so NAT settings from matching Central SNAT policies will be applied.
Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?

Question2: How do you format the FortiGate flash disk?

Question3: Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode? (Choose two.)

Question4: Examine the IPS sensor and DoS policy configuration shown in the exhibit, then answer the question below.

When detecting attacks, which anomaly, signature, or filter will FortiGate evaluate first?

Question5: Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)

Question6: Refer to the exhibit showing a debug flow output.

Which two statements about the debug flow output are correct? (Choose two.)

Question7: A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.
* All traffic must be routed through the primary tunnel when both tunnels are up
* The secondary tunnel must be used only if the primary tunnel goes down
* In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose two,)

Question8: Refer to the exhibits.


The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor Facebook.
Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?

Question9: Which of the following are purposes of NAT traversal in IPsec? (Choose two.)

Question10: Refer to the exhibit to view the firewall policy.

Which statement is correct if well-known viruses are not being blocked?

Question11: Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

Question12: Refer to the exhibit.

Which contains a Performance SLA configuration.
An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?

Question13: Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)

Question14: View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?

Question15: Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

Question16: Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same destination?

Question17: Refer to the exhibits.


The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to SSL VPN?

Question18: Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)

Question19: An administrator is running the following sniffer command:

Which three pieces of Information will be Included in me sniffer output? {Choose three.)

Question20: Which Security rating scorecard helps identify configuration weakness and best practice violations in your network?

Question21: View the exhibit.

Which of the following statements are correct? (Choose two.)

Question22: Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

Question23: Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question24: When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?

Question25: Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

Question26: FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy.
Which two other security profiles can you apply to the security policy? (Choose two.)

Question27: What is the primary FortiGate election process when the HA override setting is disabled?

Question28: Refer to the exhibit to view the application control profile.

Users who use Apple FaceTime video conferences are unable to set up meetings.
In this scenario, which statement is true?

Question29: An administrator has configured the following settings:

Question30: Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.


An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.
What is a possible reason for this?

Question31: Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

Question32: An organization's employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?

Question33: Examine the exhibit, which contains a virtual IP and firewall policy configuration.



The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Question34: Which security feature does FortiGate provide to protect servers located in the internal networks from attacks such as SQL injections?

Question35: Which three statements are true regarding session-based authentication? (Choose three.)

Question36: Which type of logs on FortiGate record information about traffic directly to and from the FortiGate management IP addresses?

Question37: Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

Question38: An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

Question39: Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

Question40: An administrator has configured outgoing Interface any in a firewall policy. Which statement is true about the policy list view?

Question41: Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

Question42: Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

Question43: An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

Question44: Which three criteria can a FortiGate use to look for a matching firewall policy to process traffic? (Choose three.)

Question45: What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

Question46: Which two statements are true about collector agent standard access mode? (Choose two.)

Question47: View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

Question48: Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up. but phase 2 fails to come up.
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?

Question49: If the Servicesfield is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

Question50: Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)