EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

Question2: Which feature in the Security Fabric takes one or more actions based on event triggers?

Question3: Which three statements about security associations (SA) in IPsec are correct? (Choose three.)

Question4: Refer to the exhibit, which contains a static route configuration.

An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?

Question5: Refer to the exhibit.

An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic.
Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)

Question6: Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

Question7: Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)

Question8: Which two statements are true when FortiGate is in transparent mode? (Choose two.)

Question9: A team manager has decided that, while some members of the team need access to a particular website, the majority of the team does not Which configuration option is the most effective way to support this request?

Question10: An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?

Question11: An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?

Question12: Refer to the exhibit, which contains a radius server configuration.

An administrator added a configuration for a new RADIUS server. While configuring, the administrator selected the Include in every user group option.
What will be the impact of using Include in every user group option in a RADIUS configuration?

Question13: Refer to the exhibit.

Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

Question14: Which type of logs on FortiGate record information about traffic directly to and from the FortiGate management IP addresses?

Question15: Refer to the exhibit.

The exhibits show a network diagram and the explicit web proxy configuration.
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?

Question16: Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)

Question17: An administrator has configured a route-based IPsec VPN between two FortiGate devices. Which statement about this IPsec VPN configuration is true?

Question18: Which three statements are true regarding session-based authentication? (Choose three.)

Question19: Which two statements are correct about NGFW Policy-based mode? (Choose two.)

Question20: Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?

Question21: Refer to the exhibits.


The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to SSL VPN?

Question22: What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

Question23: When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?

Question24: Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?

Question25: Which three criteria can a FortiGate use to look for a matching firewall policy to process traffic? (Choose three.)

Question26: Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question27: Refer to the exhibit.

The global settings on a FortiGate device must be changed to align with company security policies. What does the Administrator account need to access the FortiGate global settings?

Question28: Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

Question29: FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy.
Which two other security profiles can you apply to the security policy? (Choose two.)

Question30: In consolidated firewall policies, IPv4 and IPv6 policies are combined in a single consolidated policy. Instead of separate policies. Which three statements are true about consolidated IPv4 and IPv6 policy configuration? (Choose three.)

Question31: View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?

Question32: Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

Question33: Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

Question34: When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?

Question35: Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode? (Choose two.)

Question36: Which two statements are correct about SLA targets? (Choose two.)

Question37: Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

Question38: Refer to the exhibit.

Which contains a Performance SLA configuration.
An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?

Question39: Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

Question40: Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)

Question41: Refer to the exhibits.


The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor Facebook.
Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?

Question42: Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

Question43: An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator configure the local quick mode selector for site B?

Question44: Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

Question45: Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

Question46: Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question47: Which certificate value can FortiGate use to determine the relationship between the issuer and the certificate?

Question48: Examine the network diagram shown in the exhibit, then answer the following question:

Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?

Question49: Refer to the exhibit, which contains a session diagnostic output.

Which statement is true about the session diagnostic output?

Question50: An administrator must disable RPF check to investigate an issue.
Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?

Question51: An administrator is running the following sniffer command:

Which three pieces of Information will be Included in me sniffer output? {Choose three.)

Question52: Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)

Question53: Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)

Question54: Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)

Question55: Refer to the exhibit.

The exhibit contains a network diagram, virtual IP, IP pool, and firewall policies configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10 .0.1.254. /24.
The first firewall policy has NAT enabled using IP Pool.
The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP address 10.0.1.10?

Question56: What is the primary FortiGate election process when the HA override setting is disabled?

Question57: Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is enabled on all FortiGate devices?

Question58: Refer to the exhibit.

Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?