EMT Practice Test

1. Question Content...


Question List

Question1: An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

Question2: Which certificate value can FortiGate use to determine the relationship between the issuer and the certificate?

Question3: Which statement about the IP authentication header (AH) used by IPsec is true?

Question4: Refer to the exhibit, which contains a static route configuration.

An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?

Question5: Refer to the exhibits.


The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to SSL VPN?

Question6: In consolidated firewall policies, IPv4 and IPv6 policies are combined in a single consolidated policy. Instead of separate policies. Which three statements are true about consolidated IPv4 and IPv6 policy configuration? (Choose three.)

Question7: An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator configure the local quick mode selector for site B?

Question8: Refer to the exhibit.

The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)

Question9: Which two statements are true about the RPF check? (Choose two.)

Question10: What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

Question11: Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

Question12: If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

Question13: An organization's employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?

Question14: Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

Question15: Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

Question16: Examine this FortiGate configuration:

How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?

Question17: Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question18: Which scanning technique on FortiGate can be enabled only on the CLI?

Question19: Which three methods are used by the collector agent for AD polling? (Choose three.)

Question20: Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

Question21: Examine this FortiGate configuration:

Examine the output of the following debug command:

Based on the diagnostic outputs above, how is the FortiGate handling the traffic for new sessions that require inspection?

Question22: Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

Question23: Refer to the exhibit.

Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

Question24: What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

Question25: Which two statements are correct about SLA targets? (Choose two.)

Question26: An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

Question27: An administrator has configured two-factor authentication to strengthen SSL VPN access. Which additional best practice can an administrator implement?

Question28: FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy.
Which two other security profiles can you apply to the security policy? (Choose two.)

Question29: Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

Question30: A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface.
Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.

Question31: Which statement about the policy ID number of a firewall policy is true?

Question32: Examine the IPS sensor and DoS policy configuration shown in the exhibit, then answer the question below.

When detecting attacks, which anomaly, signature, or filter will FortiGate evaluate first?

Question33: Which two statements are true when FortiGate is in transparent mode? (Choose two.)

Question34: Refer to the exhibit showing a debug flow output.

Which two statements about the debug flow output are correct? (Choose two.)

Question35: What is the primary FortiGate election process when the HA override setting is disabled?

Question36: View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

Question37: Examine the exhibit, which contains a virtual IP and firewall policy configuration.



The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Question38: View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?

Question39: Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

Question40: Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

Question41: Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

Question42: Which two types of traffic are managed only by the management VDOM? (Choose two.)

Question43: Which two statements are true about the RPF check? (Choose two.)

Question44: Which three statements are true regarding session-based authentication? (Choose three.)

Question45: Refer to the exhibits.


Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default configuration of high memory usage thresholds. Based on the system performance output, which two statements are correct? (Choose two.)

Question46: Refer to the exhibit.

The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.
The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access internet. The To_lnternet VDOM is the only VDOM with internet access and is directly connected to ISP modem.
Which two statements are true? (Choose two.)

Question47: Which of the following are purposes of NAT traversal in IPsec? (Choose two.)

Question48: When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?

Question49: By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard servers.
Which two CLI commands will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering? (Choose two.)

Question50: An administrator has configured a route-based IPsec VPN between two FortiGate devices. Which statement about this IPsec VPN configuration is true?

Question51: Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.


An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.
What is a possible reason for this?

Question52: Refer to the exhibit.

Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)