Which changes to IPS will reduce resource usage and improve performance? (Choose three)
A.
In custom signature, remove unnecessary keywords to reduce how far into the signature tree that FortiGate must compare in order to determine whether the
packet matches.
B.
In IPS sensors, disable signatures and rate based statistics (anomaly detection) for protocols, applications and traffic directions that are not relevant.
C.
In IPS filters, switch from ‘Advanced’ to ‘Basic’ to apply only the most essential signatures.
D.
In firewall policies where IPS is not needed, disable IPS.
E.
In firewall policies where IPS is used, enable session start logs.
Hello Gys,
I prepare to write the NSE6 Exam next week, and i got some new NSE6 Exam Questions but i want more and wish someone can help me check answers:
QUESTION 146
Which devices can receive logs from FortiSandbox? (Choose two.)
A. SNMP manager
B. FortiAnalyzer
C. FortiManager
D. FortiGate
Answer: BD
QUESTION 147
FortiGate is configured to send suspicious files to a FortiSandbox for in-line inspection.
The administrator creates a new VDOM, and then generates some traffic so what the new VDOM sends a file to the FortiSandbox for the first time.
Which is true regarding this scenario?
A. FortiSandbox will store the file, but not inspect it until the administrator manually authorizes the new VDOM.
B. Before generating traffic, the administrator can push the VDOM configuration from the FortiGate to the FortiSandbox.
Then when FortiSandbox receives the file, FortiSandbox will inspect the file.
C. FortiSandbox can be pre-configured to automatically authorize the new VDOM and inspect the file.
D. FortiSandbox will store the file, but not inspect it until the administrator manually adds the new VDOM to the FortiSandbox configuration.
Answer: B
QUESTION 148
Which two types of digital certificates can you create in FortiAuthenticator? (Choose two.)
A. 3rd-party root certificate
B. Local services certificate
C. User certificate
D. CRL
Answer: BC
QUESTION 149
Which is true regarding Microsoft Office on FortiSandbox?
A. Microsoft Word documents (.docx) are not inspected.
B. Office 365 files are not supported.
C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
D. Office 2013 is installed in one of the VMs.
Answer: C
QUESTION 150
Which is not a supported captive portal authentication method?
A. SMS self-registration
B. Facebook authentication
C. Apple ID authentication
D. MAC address authentication
Answer: D
QUESTION 151
An administrator is running the following sniffer in a FortiADC:
What information is included in the output of the sniffer? (Choose two.)
A. IP headers
B. Ethernet headers
C. IP payload
D. Port names
Answer: AC
QUESTION 152
Which protocols can a FortiSandbox inspect when is deployed in sniffer mode? (Choose two.)
A. MAPI
B. FTPS
C. HTTP
D. POP3
Answer: CD
QUESTION 153
Which of the following statements best describe what a SYN cookie does when a SYN packet is received?
A. It replies with a SYN/ACK packet containing a cookie value on the TCP acknowledge field.
B. It replies with a RST packet if the SYN packet doesn’t contain the right cookie in the sequence field.
C. It replies with two SYN/ACK packets. One containing the right acknowledge values, and one containing a wrong acknowledge value.
D. It sends a SYN/ACK with a cookie in the sequence field.
Answer: AD
QUESTION 154
Which of the following features are available in all FortiADC models? (Choose three.)
A. Intrusion protection signatures
B. SSL acceleration
C. HTTP cookie persistence
D. Source IP persistence
E. Antivirus scanning
Answer: BCD
QUESTION 155
The sender validation techniques SPF and DKIM rely on data provided by what type of entity?
A. The upstream MTA
B. The sender’s LDAP server
C. The sender’s DNS records
D. The sender’s email envelope
Answer: C
QUESTION 156
What is the maximum number of sites (or peers) supported in a global load-balancing solution based on FortiADC?
A. 32
B. 2
C. 64
D. 256
Answer: D
Copyright, resource from:https://drive.google.com/drive/folders/0B75b5xYLjSSNQTFWS0xDNzNIalE?usp=sharing
0
0
Besides, that new 205Q NSE6 Dumps are Available here for Free:
https://drive.google.com/open?id=0B-ob6L_QjGLpX0pDRzN5bDJDMTQ
Best Regards!
0
0
2017/7/21 New NSE6 Exam Questions Updated:
QUESTION 146
Which devices can receive logs from FortiSandbox? (Choose two.)
A. SNMP manager
B. FortiAnalyzer
C. FortiManager
D. FortiGate
Answer: BD
QUESTION 147
FortiGate is configured to send suspicious files to a FortiSandbox for in-line inspection.
The administrator creates a new VDOM, and then generates some traffic so what the new VDOM sends a file to the FortiSandbox for the first time.
Which is true regarding this scenario?
A. FortiSandbox will store the file, but not inspect it until the administrator manually authorizes the new VDOM.
B. Before generating traffic, the administrator can push the VDOM configuration from the FortiGate to the FortiSandbox.
Then when FortiSandbox receives the file, FortiSandbox will inspect the file.
C. FortiSandbox can be pre-configured to automatically authorize the new VDOM and inspect the file.
D. FortiSandbox will store the file, but not inspect it until the administrator manually adds the new VDOM to the FortiSandbox configuration.
Answer: B
QUESTION 148
Which two types of digital certificates can you create in FortiAuthenticator? (Choose two.)
A. 3rd-party root certificate
B. Local services certificate
C. User certificate
D. CRL
Answer: BC
QUESTION 149
Which is true regarding Microsoft Office on FortiSandbox?
A. Microsoft Word documents (.docx) are not inspected.
B. Office 365 files are not supported.
C. Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
D. Office 2013 is installed in one of the VMs.
Answer: C
QUESTION 150
Which is not a supported captive portal authentication method?
A. SMS self-registration
B. Facebook authentication
C. Apple ID authentication
D. MAC address authentication
Answer: D
QUESTION 151
An administrator is running the following sniffer in a FortiADC:
What information is included in the output of the sniffer? (Choose two.)
A. IP headers
B. Ethernet headers
C. IP payload
D. Port names
Answer: AC
QUESTION 152
Which protocols can a FortiSandbox inspect when is deployed in sniffer mode? (Choose two.)
A. MAPI
B. FTPS
C. HTTP
D. POP3
Answer: CD
Copyright, from:https://drive.google.com/drive/folders/0B75b5xYLjSSNQTFWS0xDNzNIalE?usp=sharing
0
0
Could you be having the entire dumb. im only seeing a few questions
0
0