Welcome to CertificationDumps.com !

Are u looking to Pass your Certification Exam? Then you have came to the right place here you will find real exam questions of any exam taken from the testing center and aslo links to sites that sell them. So now passing your certification exam has become much easier than before all you have to do is memorize the questions you will see exactly the same questions in the real exam. In today world time is money so by this not only you save time plus you aslo save yourself the hassale of failing

November 23 2009

Fortinet 925-201b Dumps

Principles of Network Security and FortiGate Configurations

  • Exam Number/Code : 925-201b
  • Exam Name : Principles of Network Security and FortiGate Configurations
  • Questions and Answers : 104 Q&As

Download Pass4sure 925-201b Dumps from the link below
Download CertifyMe 925-201b Dumps from the link below
Download Testking 925-201b Dumps from the link below


Download Fortinet 925-201b Dumps Dumps



PrepKing.com Fortinet 925-201b Sample Questions
1. Which of the following default factory setting is true about Fortigate unit?
A. internal: 192.168.1.99/24; http, https, ping, ssh access is enabled
B. external: 192.168.100.99/24; ping is enabled
C. internal: 192.168.1.99/24;https,ping,ssh access is enable
D. external: 192.168.100.99/24;ping & http is enable
Answer: A , B
2. Which of the following firmware upgrade method will cause configuration reset?
A. WebUI
B. CLI
C. Fortimanager
D. interrupt booting procedure by CLI
Answer: D
3. Which of the following statement about TCP MTU for Fortigate is true?
A. default MTU is 1500 bytes
B. For manual and DHCP addressing mode the MTU size can be from 576 to 1500 bytes
C. for PPPOE addressing mode the MTU size can be from 576 to 1492 bytes
D. default MTU is 1492 bytes
Answer: A , B, C
4. What is the valid method to fixup Fortigate interface speed&duplex?
A. via web GUI
B. via CLI
C. via auto update
D. via foritlog
Answer: B
5. What are the necessary procedure before using Xauth . ?
A. create user group
B. create firewall policy
C. enable IPSEC VPN
D. enable PPTP
Answer: A , B, C
6. Which one is the most efficient way to block MSN traffic by Fortigate unit ?
A. Use IPS module by applying protection profile
B. Use Antivirus engine
C. Use firewall policy
D. Use content filtering
PrepKing.com
Answer: A
7. What is the valid web script filtering option for web filtering ?
A. Java Applet
B. Worm
C. ActiveX
D. Cookie
Answer: A, C, D
8. What is the best way to implement Fortigate HA ?
A. connect corresponding interface to individual switch
B. connect all interface to the same hub or switch
C. connect corresponding interface directly using cross-over cable
D. connect corresponding interface directly using straight-through cable
Answer: A
9. What is the valid address object in Fortigate unit ?
A. 10.1.1.1 / 255.255.255.0
B. 10.1.1.1 / 255.255.255.255
C. 10.1.1.1 / 255.255.255.248
D. 10.1.1.1 / 255.255.255.252
Answer: B
10. What is the valid network in Fortigate
A. 10.1.1.0 / 255.255.255.0
B. 10.1.1.1 / 255.255.255.0
C. 10.1.1.0 / 255.255.255.255
D. 10.1.1.0 / 255.255.0.0
Answer: B, D
11. What is the valid ipsec phase 1 option
A. des
B. 3des
C. md5
D. sha1
Answer: A , B
12. what is the valid ipsec pahse 2 option
A. des
B. 3des
C. md5
PrepKing.com
D. sha1
Answer: C, D
13. What is valid router object of Fortigate unit ?
A. prefix list
B. route map
C. key chain list
D. access list
Answer: A , B, C
14. What service can protection profile protect?
A. ftp
B. IMAP
C. POP3
D. http
E. SMTP
Answer: A , B, C , D , E
15. What is the default protection profile ?
A. strict
B. scan
C. web
D. unfiltered
Answer: A , B, C , D
16. What are the valid option in web filtering ?
A. content block
B. url block
C. exempt list
D. script filtering
Answer: A , B, C , D
17. What is the valid IPS option ?
A. IPS signature
B. IPS anomaly
C. IPS engine
D. IPS list
Answer: A , D
18. Which logging can enable when enable protection profile content log?
A. HTTP
PrepKing.com
B. FTP
C. IMAP
D. POP3
E. SMTP
Answer: A , B, C , D
19. What is the valid option of Fortigate HA schedule
A. none , hub , least-connection , round-robin
B. weighted round-robin , random , ip , ip port
C. switch , ip , ip port
D. priority , hub , least-connection
Answer: A , B
20. Which command can show HA status ?
A. get system status
B. diag sys ha status
C. exec ha maga 1
D. get sys lic
E. config ha
Answer: A , b , ,C
21. What is the correct match order to choose a cluster master ?
1. monitor port priority.
2. Age.
3.Unit Priority.
4.Serial number
A. 1 , 2 , 3 , 4
B. 1 , 3 , 2 , 4
C. 2 , 1 , 3 , 4
D. 2 , 4 , 1 , 3
E. 4 , 1 , 3 , 2
Answer: A
22. IPSEC VPN support which of the following DH group ?
A. 1
B. 2
C. 3
D. 4
E. 5
PrepKing.com
Answer: A , B, E
23. what is the mechanism for processing DH group
A. to generate session key
B. to generate pre-share key
C. to generate public key
D. to generate private key
Answer: A
24. Fortigatesupport which of the following client mode ,
A. ipsec
B. latp
C. pptp
D. l2f
Answer: A , B, C
25. Fortigateuse port 9443 to do what function
A. to communicate with proxy server
B. to run push update
C. to communicate with syslog server
D. to communicate with Fortilog server
Answer: B
26. What’s the difference between RIP V1 & V2 ?
A. carry more information
B. support simple authentication
C. support subnet mask
D. support encryption
Answer: A , B, C
27. Which one of the following command could show HA information of fortigate
A. get system status
B. diag sys ha status
C. exec ha mamane 1
D. diag deb ena
Answer: A , B, C
28. What is the max hop of RIP ?
A. 13
B. 14
C. 15
PrepKing.com
D. 16
Answer: C
29. What is the max metric can be configured in route sidtribution
A. 13
B. 14
C. 15
D. 16
Answer: D
30. What are the valid dhcp server option ,
A. none
B. dhcp server
C. dhcp relay agent
D. dhcp forwarding
Answer: A , B, C
31. what port is used between Fortigate to transmit log message to Foritlog
A. tcp 514
B. udp 514
C. tcp 69
D. udp 69
Answer: B
32. What is the correct protocol number for TCP(6) & UDP(17) ,
A. TCP / 6 , UDP / 17
B. TCP / 16 , UDP 117
C. TCP / 66 , UDP / 77
D. TCP / 106 , UDP / 107
Answer: A
33. Which of the following Fortigate components can not be rename
A. schedule
B. predefine service
C. address group
D. network range
Answer: A , B, C , D
34. Which of the following Traffic shaping parameter can be configured ?
A. schedule
B. traffic priority
PrepKing.com
C. max bandwidth
D. guarantee bandwidth
Answer: B, C , D
35. What is the correct policy order ,
A. encrypt->accept->deny all
B. encrypy->deny->accept->deny all
C. accept->encrypt->deny
D. deny->encrypt->accept
Answer: A
36. Best describe the feature of firewall policy :
A. if there is no preceding matching policy the packet is dropped
B. the primary function of firewall
C. policy can not be applied on user group
D. policy can not be applied with protection profile
Answer: A
37. Where can protection profile be applied on ?
A. policy
B. group
C. service
D. url filter
Answer: A , B
38. What is the valid log storage for Fortigate unit ?
A. syslog server
B. webtrend
C. local disk
D. memory buffer
E. fortilog
Answer: A , B, C , d , e
39. What is the valid IPS action when configure IPS signature ?
A. log
B. drop
C. reset client , reset server
D. pass
E. clear session
F. reset
PrepKing.com
Answer: A , B, C , d , e , f
40. What is the most efficient way to disable IPS signature ?
A. set action to pass
B. no logging
C. set to drop
D. set to clear
Answer: A , B
41. Which of the following predefined dissector signature have configurable parameter?
A. http header
B. IM
C. P2P
D. rcp decoder
E. cp-reassemble
Answer: A , B, C , D , E
42. What is the statistical anomaly type for the TCP , UDP , & ICMP protocols that Fortigate IPS identified ?
A. flooding
B. scan
C. source
D. destination session limit
Answer: A , B, C , D
43. When creating protection profile with configuring antivirus scanning , what service can be protected by
enabling virus scan & file blocking
A. HTTP
B. FTP
C. IMAP , POP3 , SMTP
D. TELNET
Answer: A , B, C
44. When creating protection profile with configuring antivirus scanning , we can disabling passing of
fragment emails for ?
A. HTTP
B. FTP
C. IMAP , POP3 , SMTP
D. TELNET
Answer: C
45. When creating protection profile with configuring antivirus scanning ,we can select an action ( pass or

Download Fortinet 925-201b Dumps Dumps


Filed Under (Fortinet) by admin
No Comments Read more
prepking

Tag Cloud

Adobe