22 07 2017
[2017-July-News]Exam Pass 100%!Braindump2go NSE6 PDF Dumps and NSE6 VCE Dumps 205Q Instant Download[Q146-Q166]
2017/July Fortinet NSE6 Exam Dumps with PDF and VCE New Updated in www.Braindump2go.com Today!100% NSE6 Real Exam Questions! 100% NSE6 Exam Pass Guaranteed!
1.|2017 New NSE6 Exam Dumps (PDF & VCE) 205Q&As Download:
https://www.braindump2go.com/nse6.html
2.|2017 New NSE6 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNQTFWS0xDNzNIalE?usp=sharing
QUESTION 146
Which devices can receive logs from FortiSandbox? (Choose two.)
A. SNMP manager
B. FortiAnalyzer
C. FortiManager
D. FortiGate
Answer: BD
QUESTION 147
FortiGate is configured to send suspicious files to a FortiSandbox for in-line inspection.
The administrator creates a new VDOM, and then generates some traffic so what the new VDOM sends a file to the FortiSandbox for the first time.
Which is true regarding this scenario?
A. FortiSandbox will store the file, but not inspect it until the administrator manually authorizes the new VDOM.
B. Before generating traffic, the administrator can push the VDOM configuration from the FortiGate to the FortiSandbox.
Then when FortiSandbox receives the file, FortiSandbox will inspect the file.
C. FortiSandbox can be pre-configured to automatically authorize the new VDOM and inspect the file.
D. FortiSandbox will store the file, but not inspect it until the administrator manually adds the new VDOM to the FortiSandbox configuration.
Answer: B
QUESTION 148
Which two types of digital certificates can you create in FortiAuthenticator? (Choose two.)
A. 3rd-party root certificate
B. Local services certificate
C. User certificate
D. CRL
Answer: BC
QUESTION 149
Which is true regarding Microsoft Office on FortiSandbox?
A. Microsoft Word documents (.docx) are not inspected.
B. Office 365 files are not supported.
C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
D. Office 2013 is installed in one of the VMs.
Answer: C
QUESTION 150
Which is not a supported captive portal authentication method?
A. SMS self-registration
B. Facebook authentication
C. Apple ID authentication
D. MAC address authentication
Answer: D
QUESTION 151
An administrator is running the following sniffer in a FortiADC:
What information is included in the output of the sniffer? (Choose two.)
A. IP headers
B. Ethernet headers
C. IP payload
D. Port names
Answer: AC
QUESTION 152
Which protocols can a FortiSandbox inspect when is deployed in sniffer mode? (Choose two.)
A. MAPI
B. FTPS
C. HTTP
D. POP3
Answer: CD
QUESTION 153
Which of the following statements best describe what a SYN cookie does when a SYN packet is received?
A. It replies with a SYN/ACK packet containing a cookie value on the TCP acknowledge field.
B. It replies with a RST packet if the SYN packet doesn’t contain the right cookie in the sequence field.
C. It replies with two SYN/ACK packets. One containing the right acknowledge values, and one containing a wrong acknowledge value.
D. It sends a SYN/ACK with a cookie in the sequence field.
Answer: AD
QUESTION 154
Which of the following features are available in all FortiADC models? (Choose three.)
A. Intrusion protection signatures
B. SSL acceleration
C. HTTP cookie persistence
D. Source IP persistence
E. Antivirus scanning
Answer: BCD
QUESTION 155
The sender validation techniques SPF and DKIM rely on data provided by what type of entity?
A. The upstream MTA
B. The sender’s LDAP server
C. The sender’s DNS records
D. The sender’s email envelope
Answer: C
QUESTION 156
What is the maximum number of sites (or peers) supported in a global load-balancing solution based on FortiADC?
A. 32
B. 2
C. 64
D. 256
Answer: D
QUESTION 157
What statement is true for the self-service portal? (Choose two.)
A. Administrator approval is required for all self-registrations
B. Self-registration information can be sent to the user through email and SMS
C. Realms can be used to configure what self-registered users or groups can access the network
D. Users self-register through the social portal splash screen
Answer: AB
QUESTION 158
Which FortiADC log severity level corresponds to Log Severity Level 2?
A. Notification
B. Alert
C. Information
D. Critical
Answer: D
QUESTION 159
Which methods can be used to submit files to FortiSandbox for inspection? (Choose two.)
A. File shares
B. FTP upload
C. SFTP upload
D. JSON API
Answer: AD
QUESTION 160
Which FortiGate process sends files to FortiSandbox for inspection?
A. scanunit
B. fortisandboxd
C. miglogd
D. quarantine
Answer: A
QUESTION 161
If FortiSandbox connects to FortiGuard through a web proxy server, which FortiSandbox interface must have access to the proxy server?
A. port3
B. port2
C. port1
D. port4
Answer: C
QUESTION 162
Which of the following statements about virtual tunneling for outbound link load balancing are true? (Choose three.)
A. Two dispatch algorithms are supported: weighted round robin and source-destination hash.
B. A virtual tunnel can combine point-to-point and multipoint IP tunnels.
C. Link policies are used to specify which traffic is sent through each virtual tunnel.
D. Contains IP tunnels that encapsulate the traffic using a GRE-based proprietary protocol.
E. Each virtual tunnel can contain no more than three IP tunnels.
Answer: ACD
QUESTION 163
You want to allow guests to authenticate to your network through Facebook. What configuration is required on FortiAuthenticator? (Choose two.)
A. A RADIUS client, in order to enable the social portal
B. A user group
C. An external authentication portal
D. A Facebook key and secret
Answer: AC
QUESTION 164
If the corporate email policy dictates that SMTP over SSL/TLS is preferred for inbound SMTP connections and required for outbound SMTP connections, which FortiMail configuration object would be used?
A. Recipient policies
B. IP policies
C. Access control rules
D. Session profiles
Answer: C
QUESTION 165
Which protocols can FortiSandbox use to connect to a network file share? (Choose two.)
A. FTP
B. HTTP
C. NFSv2
D. CIFS
Answer: AB
QUESTION 166
In transparent mode, when choosing between using the built-in MTA or using the transparent proxy, what difference might be encountered regarding mail routing?
A. The transparent proxy can only be enabled on a route mode interface.
B. In split-horizon DNS setups, the transparent proxy will get confused and route mail back to the sender.
C. The built-in MTA may decide to route the message to a different next-hop MTA.
D. The transparent proxy may decide to route the message to a different next-hop MTA.
Answer: D
!!!RECOMMEND!!!
1.|2017 New NSE6 Exam Dumps (PDF & VCE) 205Q&As Download:
https://www.braindump2go.com/nse6.html
2.|2017 New NSE6 Study Guide Video:
https://youtu.be/gxaAogX1YhA
[2017-New-Exams]100% Real Exam Questions-Braindump2go 300-170 VCE and PDF 75Q Download[Q1-Q7] [2017-July-News]100% Success-Braindump2go 300-375 Exam PDF and VCE 77Q Instant Download[Q61-Q68]
Comments are currently closed.