EMT Practice Test

1. Question Content...


Question List

Question1: Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)

Question2: The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile.
What order must FortiGate use when the web filter profile has features enabled, such as safe search?

Question3: An administrator has configured the following settings:

Question4: Which certificate value can FortiGate use to determine the relationship between the issuer and the certificate?

Question5: If Internet Service is already selected as Destination in a firewall policy, which other configuration objects can be selected to the Destination field of a firewall policy?

Question6: Which three statements are true regarding session-based authentication? (Choose three.)

Question7: Which two statements are true about the RPF check? (Choose two.)

Question8: A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.
* All traffic must be routed through the primary tunnel when both tunnels are up
* The secondary tunnel must be used only if the primary tunnel goes down
* In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose two,)

Question9: Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

Question10: Refer to the exhibit.

Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)

Question11: Refer to the exhibit.

The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to http://www.fortinet.com?

Question12: Which three statements about security associations (SA) in IPsec are correct? (Choose three.)

Question13: Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)

Question14: Refer to the exhibit to view the application control profile.

Based on the configuration, what will happen to Apple FaceTime?

Question15: Which three security features require the intrusion prevention system (IPS) engine to function? (Choose three.)

Question16: Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question17: Which of statement is true about SSL VPN web mode?

Question18: An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?

Question19: Which statement about the IP authentication header (AH) used by IPsec is true?

Question20: In consolidated firewall policies, IPv4 and IPv6 policies are combined in a single consolidated policy. Instead of separate policies. Which three statements are true about consolidated IPv4 and IPv6 policy configuration? (Choose three.)

Question21: Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?

Question22: Refer to the exhibit.

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

Question23: Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

Question24: Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

Question25: Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

Question26: Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

Question27: What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

Question28: What devices form the core of the security fabric?

Question29: Refer to the FortiGuard connection debug output.

Based on the output shown in the exhibit, which two statements are correct? (Choose two.)

Question30: Exhibit:

Refer to the exhibit to view the authentication rule configuration In this scenario, which statement is true?

Question31: Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

Question32: Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)

Question33: Which two statements are correct about NGFW Policy-based mode? (Choose two.)

Question34: Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?

Question35: A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic. In addition, the remote peer does not support a dynamic DNS update service.
What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to work?

Question36: An administrator is configuring an IPsec VPN between site A and site B.
The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.168.1.0/24 and the remote quick mode selector is 192.168.2.0/24.
Which subnet must the administrator configure for the local quick mode selector for site B?

Question37: Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

Question38: Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

Question39: An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

Question40: Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)

Question41: Which feature in the Security Fabric takes one or more actions based on event triggers?

Question42: Which two statements are true when FortiGate is in transparent mode? (Choose two.)

Question43: A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.
What is the reason for the failed virus detection by FortiGate?

Question44: Refer to the exhibit.

Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?

Question45: How does FortiGate act when using SSL VPN in web mode?

Question46: Which two statements are true about collector agent standard access mode? (Choose two.)

Question47: Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

Question48: Which two statements are correct about a software switch on FortiGate? (Choose two.)

Question49: Refer to the exhibits.


The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor Facebook.
Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?

Question50: Refer to the exhibit, which contains a static route configuration.

An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?

Question51: Refer to the exhibit.

Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

Question52: An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?

Question53: View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?

Question54: If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

Question55: An organization's employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?

Question56: Which three statements about a flow-based antivirus profile are correct? (Choose three.)

Question57: Which statement regarding the firewall policy authentication timeout is true?