EMT Practice Test

1. Question Content...


Question List

Question1: In an explicit proxy setup, where is the authentication method and database configured?

Question2: Which security feature does FortiGate provide to protect servers located in the internal networks from attacks such as SQL injections?

Question3: An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for detecting dead tunnels.
The requirement is that FortiGate sends DPD probes only when no traffic is observed in the tunnel.
Which DPD mode on FortiGate will meet the above requirement?

Question4: Which two types of traffic are managed only by the management VDOM? (Choose two.)

Question5: What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall (NGFW)?

Question6: A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic. In addition, the remote peer does not support a dynamic DNS update service.
What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to work?

Question7: Refer to the exhibit.

The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)

Question8: Which three statements are true regarding session-based authentication? (Choose three.)

Question9: Refer to the exhibit.


The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of diagnose sys virtual-wan-link health-check.
Which interface will be selected as an outgoing interface?

Question10: What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

Question11: View the exhibit.

Which of the following statements are correct? (Choose two.)

Question12: Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question13: Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question14: A network administrator has enabled full SSL inspection and web filtering on FortiGate. When visiting any HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser does not report errors.
What is the reason for the certificate warning errors?

Question15: Refer to the exhibit, which contains a static route configuration.

An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?

Question16: An administrator has configured the following settings:

What are the two results of this configuration? (Choose two.)

Question17: Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

Question18: Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)

Question19: Which of the following SD-WAN load -balancing method use interface weight value to distribute traffic?
(Choose two.)

Question20: How do you format the FortiGate flash disk?

Question21: An administrator has a requirement to keep an application session from timing out on port 80. What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)

Question22: Exhibit:

Refer to the exhibit to view the authentication rule configuration In this scenario, which statement is true?

Question23: Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same destination?

Question24: Examine the exhibit, which contains a virtual IP and firewall policy configuration.



The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address
10.0.1.254/24.
The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Question25: Which two statements are true about collector agent advanced mode? (Choose two.)

Question26: Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

Question27: Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

Question28: Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

Question29: Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection?
(Choose two.)

Question30: By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard servers.
Which CLI command will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering?

Question31: Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

Question32: How does FortiGate act when using SSL VPN in web mode?

Question33: Which of the following statements about central NAT are true? (Choose two.)

Question34: Which scanning technique on FortiGate can be enabled only on the CLI?

Question35: Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is enabled on all FortiGate devices?

Question36: Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?

Question37: In which two ways can RPF checking be disabled? (Choose two )

Question38: Refer to the exhibit.

The exhibits show a network diagram and the explicit web proxy configuration.
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client and the explicit web proxy?

Question39: Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)

Question40: If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

Question41: A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.
What is the reason for the failed virus detection by FortiGate?

Question42: The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile.
What order must FortiGate use when the web filter profile has features enabled, such as safe search?

Question43: Refer to the exhibits.


The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to SSL VPN?

Question44: You have enabled logging on your FortiGate device for Event logs and all Security logs, and you have set up logging to use the FortiGate local disk.
What is the default behavior when the local disk is full?

Question45: Which statement about the IP authentication header (AH) used by IPsec is true?

Question46: Refer to the exhibit.

The global settings on a FortiGate device must be changed to align with company security policies. What does the Administrator account need to access the FortiGate global settings?

Question47: Which two statements are true about the RPF check? (Choose two.)

Question48: View the exhibit.

A
user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?

Question49: Refer to the exhibits.


Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default configuration of high memory usage thresholds. Based on the system performance output, which two statements are correct? (Choose two.)

Question50: Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

Question51: Which statement about video filtering on FortiGate is true?

Question52: Refer to the exhibit.

Which contains a session diagnostic output. Which statement is true about the session diagnostic output?

Question53: Refer to the exhibit.

The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How
does FortiGate process the traffic sent to http://www.fortinet.com?

Question54: Which feature in the Security Fabric takes one or more actions based on event triggers?

Question55: View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

Question56: An administrator wants to configure timeouts for users. Regardless of the useres behavior, the timer should start as soon as the user authenticates and expire after the configured value.
Which timeout option should be configured on FortiGate?