AC
AnkiCollab
AnkiCollab
Sign in
Explore Decks
Helpful
Join Discord
Download Add-on
Documentation
Support Us
Notes in
CORE_Fortigate_7.4_Administrator
To Subscribe, use this Key
carpet-cardinal-football-may-robert-illinois
Status
Last Update
Fields
Published
09/23/2024
What is the default operation mode?
Published
09/23/2024
How do you connect your computer to a FortiGate for setup on entry-level models?
Published
09/23/2024
How do you connect your computer to a FortiGate for setup on high-end or mid-range models?
Published
09/23/2024
True or False. If your computer's network settings have DHCP enabled when setting up an entry-level FortiGate, your computer should automatically get …
Published
09/23/2024
What is the default IP address for accessing the FortiGate GUI?
Published
09/23/2024
Why is it important to change the default password when setting up a FortiGate?
Published
09/23/2024
What ports are available on FortiGate models for CLI access?
Published
09/23/2024
How can you access the FortiGate CLI without a network?
Published
09/23/2024
What mode requires each FortiGate interface handling traffic to have an IP address?
Published
09/23/2024
What role does the IP address play when FortiGate is in NAT mode?
Published
09/23/2024
What are the methods to assign an IP address to a FortiGate interface in NAT mode?
Published
09/23/2024
Which two automatic methods can be used to assign an IP address in FortiGate NAT mode?
Published
09/23/2024
Why should a DHCP server not be enabled on a WAN interface?
Published
09/23/2024
What happens to the GUI settings when the interface Role is configured?
Published
09/23/2024
True or False. All interface settings are available on both the GUI and CLI.
Published
09/23/2024
What is the typical use of device detection, and where is it used?
Published
09/23/2024
What interface role setting allows all configuration options to be visible on the GUI?
Published
09/23/2024
What is the purpose of an interface alias in FortiGate configuration?
Published
09/23/2024
True or Fale. FortiGate can act as a DHCP server for only wired devices.
Published
09/23/2024
How do you configure FortiGate to act as a DHCP server on an interface?
Published
09/23/2024
What do VLANs do in a network?
Published
09/23/2024
In NAT operation mode, what does each VLAN form?
Published
09/23/2024
Can multiple VLANs coexist on the same physical interface in FortiGate?
Published
09/23/2024
How do you begin creating a VLAN using the FortiGate GUI?
Published
09/23/2024
What are two things you must specify when creating a VLAN in the FortiGate GUI?
Published
09/23/2024
Are frames belonging to VLAN interfaces tagged or untagged?
Published
09/23/2024
What happens to frames sent or received by the physical interface segment?
Published
09/23/2024
What is the native VLAN ID?
Published
09/23/2024
In a multiple-VDOM environment, where can the physical interface and its VLAN subinterface be placed?
Published
09/23/2024
What should you configure on FortiGate before integrating it into your network?
Published
09/23/2024
How does FortiGate retrieve the default gateway if it gets its IP address through DHCP or PPPoE?
Published
09/23/2024
What must you configure if FortiGate does not retrieve a default gateway dynamically?
Published
09/23/2024
Why is a default gateway a must-have in FortiGate configuration?
Published
09/23/2024
What determines which route takes precedence when two routes have the same distance?
Published
09/23/2024
What feature should you enable if you want to subdivide policies and administrators into multiple security domains?
Published
09/23/2024
What do FortiGate VDOMs allow you to do?
Published
09/23/2024
True or False. Traffic from one VDOM can go to another VDOM by default.
Published
09/23/2024
True or False. Two interfaces in different VDOMs can share the same IP address without any overlapping subnet issues.
Published
09/23/2024
What does a single FortiGate device become when using VDOMs?
Published
09/23/2024
How many VDOMs are supported on FortiGate by default?
Published
09/23/2024
When might you prefer using the CLI over the GUI for administering FortiGate?
Published
09/23/2024
How can you access the FortiGate CLI?
Published
09/23/2024
What limitation does an administrative like SNMP have?
Published
09/23/2024
What are two common methods to connect to FortiGate using a terminal emulator?
Published
09/23/2024
Within the FortiGate GUI, how would you start to configure a Administrative User?
Published
09/23/2024
What is the first step when creating new administrative users in FortiGate?
Published
09/23/2024
Why is it a best practice for each administrator to have their own account?
Published
09/23/2024
When would you select REST API Admin while creating a new admin user?
Published
09/23/2024
What tools can be used to audit the strength of FortiGate passwords?
Published
09/23/2024
How can you restrict an administrator's access to specific features in FortiGate?
Published
09/23/2024
What types of permissions can you assign to an administrator profile in FortiGate?
Published
09/23/2024
What is the super_admin profile, and can you change its permissions?
Published
09/23/2024
How is the prof_admin profile different from the super_admin profile?
Published
09/23/2024
Why is it a best practice to restrict administrator permissions to the minimum necessary for their job?
Published
09/23/2024
What is the purpose of the Override Idle Timeout option in administrator profiles?
Published
09/23/2024
Can administrators with limited permissions access the entire FortiGate device?
Published
09/23/2024
What is the purpose of defining trusted sources in FortiGate?
Published
09/23/2024
What happens when an admin attempts to log in from an IP that is not trusted?
Published
09/23/2024
What message is shown if an administrator tries to log in from an IP that is not trusted for any administrator?
Published
09/23/2024
What does setting the trusted IP to 0.0.0.0/0 mean?
Published
09/23/2024
What is the advantage of allowing concurrent administrative sessions in FortiGate?
Published
09/23/2024
What does the idle timeout setting control, and what is the default value?
Published
09/23/2024
How can increasing the idle timeout help administrators?
Published
09/23/2024
Why should the idle timeout setting be configured on a per-profile basis?
Published
09/23/2024
How do you enable or disable management protocols on FortiGate?
Published
09/23/2024
True or False. It is a best practice to disable administrative access on unused FortiGate interfaces.
Published
09/23/2024
What are the management protocols available on FortiGate?
Published
09/23/2024
True or False. You should enable PING on external interfaces.
Published
09/23/2024
Why should you disable protocols like HTTP and TELNET on FortiGate?
Published
09/23/2024
What is the purpose of the FortiTelemetry protocol?
Published
09/23/2024
What protocol should be used for managing FortiAP, FortiSwitch, and FortiExtender?
Published
09/23/2024
What is the FMG-Access protocol used for?
Published
09/23/2024
What is the purpose of the RADIUS accounting protocol in FortiGate?
Published
09/23/2024
What does FTM (FortiToken Mobile) protocol support?
Published
09/23/2024
How does FortiGate detect upstream FortiGate devices using LLDP?
Published
09/23/2024
What format has become increasingly popular to be taken as a backup as well as restore configurations using GUI and CLI?
Published
09/23/2024
What is the command in the FortiGate CLI to retrieve the firmware version?
Published
09/23/2024
Where in the FortiGate GUI can you retrieve the firmware information?
Published
09/23/2024
True or False. The Firmware & Registration page allows administrators to manage the firmware running on each FortiGate, FortiAP, and FortiSwitch i…
Published
09/23/2024
What is the difference between the Upgrade and Fabric Upgrade options within the Firmware & Registration page?
Published
09/23/2024
Within the Firmware & Registration page, what is the Register option used for?
Published
09/23/2024
Within the Firmware & Registration page, what is the Authorize option used for?
Published
09/23/2024
True or False. Utilize the Release Notes to make sure that you understand the support upgrade path when it comes to upgrading firmware.
Published
09/23/2024
What do FortiGuard Subscription Services provide to FortiGate?
Published
09/23/2024
Which option does FortiGate use FortiGuard for threat intelligence? (choose one, both, or none)A. FortiGate periodically requests packages containing …
Published
09/23/2024
Where does FortiGate select a FortiGuard server from by default?
Published
09/23/2024
True or False. You can limit FortiGate to using FortiGuard servers based in the USA by changing the FortiGuard server location setting to USA, ensurin…
Published
09/23/2024
Why does FortiGate query FortiGuard in real-time for spam and filtered websites?
Published
09/23/2024
Which protocols can be used for real-time FortiGuard queries, and why are they chosen?
Published
09/23/2024
How are packages like antivirus and IPS updates different from real-time queries?
Published
09/23/2024
What happens to FortiGate features if the internet connection is unreliable after downloading a package?
Published
09/23/2024
What is the default protocol used for DNS traffic when using FortiGuard DNS servers?
Published
09/23/2024
What new FortiGuard DNS server settings are available in FortiOS?
Published
09/23/2024
Flip this card to review some of the FortiGuard servers and their domain names and IP addresses.
Published
09/23/2024
What security feature has been implemented for all FortiGuard servers to verify SSL certificates?
Published
09/23/2024
What is the default FortiGuard access mode on FortiGate, and why it is used?
Published
09/23/2024
How does FortiGate connect to FortiGuard servers regardless of its location?
Published
09/23/2024
What does OCSP stand for and what does it do?
Published
09/23/2024
When does FortiGate complete the TLS handshake with a FortiGuard server?
Published
09/23/2024
What happens if FortiGuard cannot reach the OCSP responder?
Published
09/23/2024
True or False. The following conditions will abort a FortiGate's connection to a FortiGuard server:-The CN in the server certificate does not match th…
Published
09/23/2024
What does the FortiGuard anycast access mode force the rating process to use?
Published
09/23/2024
Explain where to check the status of FortiGuard licenses and the communication to FortiGuard on the FortiGate GUI.
Published
09/23/2024
Give me the command to issue for listing all the FortiGuard databases and engines installed.Local-FortiGate # diagnose ______ ______
Published
09/23/2024
Multiple choice.How do you restrict logins to FortiGate from only specific IP addresses?A. Change the FortiGate management interface IP addressB. Cong…
Published
09/23/2024
Multiple choice.When restoring an encrypted system configuration file, in addition to the FortiGate model and firmware version from the time the confi…
Published
09/23/2024
Multiple choice.To increase the chances of success, what document should you consult before upgrading or downgrading firmware?A. CLI Reference GuideB.…
Published
09/23/2024
Test
Published
09/23/2024
TEST
Published
09/25/2024
What is the next match criteria FortiGate considers after interfaces?
Published
09/25/2024
What limitation applies when you choose the any interface option in a firewall policy?
Published
09/25/2024
How can you enable the option to select multiple interfaces or any interface in the GUI?
Published
09/25/2024
By default, how many interfaces can you select for the incoming and outgoing interfaces in a firewall policy?
Published
09/25/2024
What can be used as the Source in a firewall policy?
Published
09/25/2024
How would you configure a policy to block FTP traffic except for specific FTP servers?
Published
09/25/2024
What happens if the firewall policy Action is set to ALLOW?
Published
09/25/2024
What happens if the firewall policy Action is set to DENY?
Published
09/25/2024
What criteria does FortiGate use to match a packet to a firewall policy?
Published
09/25/2024
Why do you only need one firewall policy that matches the direction of traffic that initiates the session?
Published
09/25/2024
What unique identifier is added to firewall objects and policies?
Published
09/25/2024
How can you make firewall policy names optional in the GUI?
Published
09/25/2024
Is naming a firewall policy mandatory in the CLI?
Published
09/25/2024
When configuring a firewall policy on the GUI, what must be specified?
Published
09/25/2024
Which type of firewall policies are the most commonly used in FortiGate?
Published
09/25/2024
How can you access other policy types in FortiGate?
Published
09/25/2024
By default, which policy type is visible under Policy & Objects in the FortiGate GUI?
Published
09/25/2024
What Firewall Policy type checks for anomalous patterns in the network traffic arriving at a FortiGate interface to prevent DoS attacks?
Published
09/25/2024
What Firewall Policy type controls traffic to a FortiGate interface and can be used to restrict administrative access?
Published
09/25/2024
What Firewall Policy type controls the traffic between the interfaces in a virtual wire pair?
Published
09/25/2024
What do policies in FortiGate refer to when matching traffic and applying security?
Published
09/25/2024
What happens to traffic that doesn't match any firewall policy?
Published
09/25/2024
How does FortiGate process traffic based on firewall policies? (top->bottom? bottom->top?)
Published
09/25/2024
What additional decisions can firewall policies control?
Published
09/25/2024
What is Unified Threat Management (UTM)?
Published
09/25/2024
What happens if traffic matches a policy that doesn't block it?
Published
09/25/2024
How does FortiGate decide whether traffic is allowed? (what does it check?)
Published
09/25/2024
What is a firewall policy in FortiGate?
Published
09/25/2024
Multiple choice. Which of the following is the default VIP type?A. static-natB. load-balance
Published
09/25/2024
What is the default IP pool type?
Published
09/25/2024
What must be selected in each firewall policy as a source match?
Published
09/25/2024
How can you refine the source match criteria for increased security in a firewall policy?
Published
09/25/2024
True or False. You can select ISDB (Internet Service Database) objects as the source in a firewall policy?
Published
09/25/2024
What must happen when using a fully qualified domain name (FQDN) as the source address?
Published
09/25/2024
What happens if FortiGate cannot resolve an FQDN used as a source address?
Published
09/25/2024
True or False. A valid FortiCare support contract provides up-to-date information to use the ISDB and geography database as firewall objects.
Published
09/25/2024
What does FortiGate check after evaluating the packet's source in a firewall policy?
Published
09/25/2024
What types of objects can be used as destinations in a firewall policy?
Published
09/25/2024
What must be configured if you enter an FQDN as the address object?
Published
09/25/2024
What is a geographic address in FortiGate?
Published
09/25/2024
Why can't you select a user as the destination in a firewall policy?
Published
09/25/2024
What are security profiles in a firewall policy used for?
Published
09/25/2024
When inspecting traffic, what are the two methods FortiGate can use?
Published
09/25/2024
Do all security features work with both flow-based and proxy-based inspection?
Published
09/25/2024
Which security profile options are not visible by default on the policy page in the GUI?
Published
09/25/2024
How can you make the Video Filter, VOIP, and Web Application Firewall options visible on the policy page?
Published
09/25/2024
What does the policy ID represent in FortiGate firewall policies?
Published
09/25/2024
Can you change the policy ID after it's assigned by FortiGate?
Published
09/25/2024
How does FortiGate assign a policy ID when creating a new policy on the GUI?
Published
09/25/2024
How can you manually assign a policy ID when creating a new firewall policy?
Published
09/25/2024
What happens if a duplicate policy ID is found when manually assigning a policy ID?
Published
09/25/2024
Is Policy Advanced Options available by default in the GUI?
Published
09/25/2024
What is Firewall traffic or user traffic?
Published
09/25/2024
What is Local-out traffic?
Published
09/25/2024
What is ISDB routes?
Published
09/25/2024
What is RPF?
Published
09/25/2024
Two Fortigate Routing Tables?
Published
09/26/2024
What are the three ways the firewall policy list can be organized in FortiGate?
Published
09/26/2024
What do the Sequencing Grouping View and By Sequence views show?
Published
09/26/2024
What can you do to make the firewall policies easier to understand?
Published
09/26/2024
Why is arranging firewall policies in the correct position important?
Published
09/26/2024
Where should more specific policies be placed in the firewall policy list?
Published
09/26/2024
Do Policy IDs change when you move policies in the list?
Published
09/26/2024
Is ALL_ICMP traffic subject to web filter and antivirus scans?
Published
09/26/2024
What happens if you apply web filter and antivirus security profiles to ICMP traffic?
Published
09/26/2024
When do configuration changes made via the GUI or CLI take effect?
Published
09/26/2024
Define flow-based inspection.
Published
09/26/2024
Define proxy-based inspection.
Published
09/26/2024
Low-end platforms with how many GBs of RAM or less do not display the option on the GUI for proxy-based inspection?
Published
09/26/2024
Can you display the RIB entries on both FortiGate GUI and CLI?
Published
09/26/2024
Do we need static route for subnets to which FortiGate has direct Layer 2 connectivity?
Published
09/26/2024
The routing table does not contain ?
Published
09/26/2024
What is the first tiebreaker that routers use to determine the best route for a particular destination?
Published
09/26/2024
If there are two or more routes to the same destination, which is considered the best route?
Published
09/26/2024
In which routes type you cannot set the distance?
Published
09/26/2024
When a dynamic route protocol learns two or more routes to the same destination, what does it use as a tiebreaker to identify the best route?
Published
09/26/2024
Is metric used as tiebreaker for different protocol dynamic routes?
Published
09/26/2024
What is ECMP static route?
Published
09/26/2024
What is the default ECMP algorithm on FortiGate?
Published
09/26/2024
Multiple choice. Which criteria does FortiGate use to match traffic to a firewall policy?A. Source and destination interfacesB. Security Profiles
Published
09/26/2024
Multiple choice. What must be selected in the Source field of a firewall policy?A. At least one address objectB. At least one source user and one sour…
Published
09/26/2024
Multiple choice. What is the purpose of applying security profiles to a firewall policy?A. To allow access to specific subnetsB. To protect your netwo…
Published
09/26/2024
What is NAT and what does it do?
Published
09/26/2024
What is PAT, and how is it different from NAT?
Published
09/26/2024
What are the three key benefits of using NAT?
Published
09/26/2024
What is SNAT (Source NAT)?
Published
09/26/2024
What is DNAT (Destination NAT)?
Published
09/26/2024
How do you configure SNAT in FortiGate?
Published
09/26/2024
How do you configure DNAT in FortiGate?
Published
09/26/2024
True or False. Allowing internal devices to access the internet with a single public IP is an example usage of SNAT.
Published
09/26/2024
True or False. Allowing external users to access internal services (e.g., web server) is an example usage of DNAT.
Status
Last Update
Fields