PrepAway - Latest Free Exam Questions & Answers

Which changes to IPS will reduce resource usage and improve performance? (Choose three)

A. In custom signature, remove unnecessary keywords to reduce how far into the signature tree that FortiGate must compare in order to determine whether the packet matches.

B. In IPS sensors, disable signatures and rate based statistics (anomaly detection) for protocols, applications and traffic directions that are not relevant.

C. In IPS filters, switch from ‘Advanced’ to ‘Basic’ to apply only the most essential signatures.

D. In firewall policies where IPS is not needed, disable IPS.

E. In firewall policies where IPS is used, enable session start logs.

4 Comments on “Which changes to IPS will reduce resource usage and imp…

  1. Phoebe Bruce says:

    Hello Guys,

    I prepare to write the NSE6 Exam next week, and I got some new NSE6 Exam Questions but I want more and wish someone can help me check answers:

    QUESTION 146
    Which devices can receive logs from FortiSandbox? (Choose two.)

    A. SNMP manager
    B. FortiAnalyzer
    C. FortiManager
    D. FortiGate

    Answer: BD

    QUESTION 147
    FortiGate is configured to send suspicious files to a FortiSandbox for in-line inspection.
    The administrator creates a new VDOM, and then generates some traffic so that the new VDOM sends a file to the FortiSandbox for the first time.
    Which is true regarding this scenario?

    A. FortiSandbox will store the file, but not inspect it until the administrator manually authorizes the new VDOM.
    B. Before generating traffic, the administrator can push the VDOM configuration from the FortiGate to the FortiSandbox.
    Then when FortiSandbox receives the file, FortiSandbox will inspect the file.
    C. FortiSandbox can be pre-configured to automatically authorize the new VDOM and inspect the file.
    D. FortiSandbox will store the file, but not inspect it until the administrator manually adds the new VDOM to the FortiSandbox configuration.

    Answer: B

    QUESTION 148
    Which two types of digital certificates can you create in FortiAuthenticator? (Choose two.)

    A. 3rd-party root certificate
    B. Local services certificate
    C. User certificate
    D. CRL

    Answer: BC

    QUESTION 149
    Which is true regarding Microsoft Office on FortiSandbox?

    A. Microsoft Word documents (.docx) are not inspected.
    B. Office 365 files are not supported.
    C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
    D. Office 2013 is installed in one of the VMs.

    Answer: C

    QUESTION 150
    Which is not a supported captive portal authentication method?

    A. SMS self-registration
    B. Facebook authentication
    C. Apple ID authentication
    D. MAC address authentication

    Answer: D

    QUESTION 151
    An administrator is running the following sniffer in a FortiADC:

    What information is included in the output of the sniffer? (Choose two.)

    A. IP headers
    B. Ethernet headers
    C. IP payload
    D. Port names

    Answer: AC

    QUESTION 152
    Which protocols can a FortiSandbox inspect when it is deployed in sniffer mode? (Choose two.)

    A. MAPI
    B. FTPS
    C. HTTP
    D. POP3

    Answer: CD

    QUESTION 153
    Which of the following statements best describe what a SYN cookie does when a SYN packet is received?

    A. It replies with a SYN/ACK packet containing a cookie value on the TCP acknowledge field.
    B. It replies with a RST packet if the SYN packet doesn’t contain the right cookie in the sequence field.
    C. It replies with two SYN/ACK packets. One containing the right acknowledge values, and one containing a wrong acknowledge value.
    D. It sends a SYN/ACK with a cookie in the sequence field.

    Answer: AD

    QUESTION 154
    Which of the following features are available in all FortiADC models? (Choose three.)

    A. Intrusion protection signatures
    B. SSL acceleration
    C. HTTP cookie persistence
    D. Source IP persistence
    E. Antivirus scanning

    Answer: BCD

    QUESTION 155
    The sender validation techniques SPF and DKIM rely on data provided by what type of entity?

    A. The upstream MTA
    B. The sender’s LDAP server
    C. The sender’s DNS records
    D. The sender’s email envelope

    Answer: C

    QUESTION 156
    What is the maximum number of sites (or peers) supported in a global load-balancing solution based on FortiADC?

    A. 32
    B. 2
    C. 64
    D. 256

    Answer: D

    Copyright, resource from: https://drive.google.com/drive/folders/0B75b5xYLjSSNQTFWS0xDNzNIalE?usp=sharing




  2. David says:

    2017/7/21 New NSE6 Exam Questions Updated:

    QUESTION 146
    Which devices can receive logs from FortiSandbox? (Choose two.)

    A. SNMP manager
    B. FortiAnalyzer
    C. FortiManager
    D. FortiGate

    Answer: BD

    QUESTION 147
    FortiGate is configured to send suspicious files to a FortiSandbox for in-line inspection.
    The administrator creates a new VDOM, and then generates some traffic so that the new VDOM sends a file to the FortiSandbox for the first time.
    Which is true regarding this scenario?

    A. FortiSandbox will store the file, but not inspect it until the administrator manually authorizes the new VDOM.
    B. Before generating traffic, the administrator can push the VDOM configuration from the FortiGate to the FortiSandbox.
    Then when FortiSandbox receives the file, FortiSandbox will inspect the file.
    C. FortiSandbox can be pre-configured to automatically authorize the new VDOM and inspect the file.
    D. FortiSandbox will store the file, but not inspect it until the administrator manually adds the new VDOM to the FortiSandbox configuration.

    Answer: B

    QUESTION 148
    Which two types of digital certificates can you create in FortiAuthenticator? (Choose two.)

    A. 3rd-party root certificate
    B. Local services certificate
    C. User certificate
    D. CRL

    Answer: BC

    QUESTION 149
    Which is true regarding Microsoft Office on FortiSandbox?

    A. Microsoft Word documents (.docx) are not inspected.
    B. Office 365 files are not supported.
    C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
    D. Office 2013 is installed in one of the VMs.

    Answer: C

    QUESTION 150
    Which is not a supported captive portal authentication method?

    A. SMS self-registration
    B. Facebook authentication
    C. Apple ID authentication
    D. MAC address authentication

    Answer: D

    QUESTION 151
    An administrator is running the following sniffer in a FortiADC:

    What information is included in the output of the sniffer? (Choose two.)

    A. IP headers
    B. Ethernet headers
    C. IP payload
    D. Port names

    Answer: AC

    QUESTION 152
    Which protocols can a FortiSandbox inspect when it is deployed in sniffer mode? (Choose two.)

    A. MAPI
    B. FTPS
    C. HTTP
    D. POP3

    Answer: CD

    Copyright, from: https://drive.google.com/drive/folders/0B75b5xYLjSSNQTFWS0xDNzNIalE?usp=sharing



