Fortinet NSE 4 Questions and Answers Already Passed

Fortinet NSE 4 Questions and Answers Already Passed Which UTM feature sends a UDP query to FortiGuard servers each time FortiGate scans a packet (unless the response is locally cached)? Web Filtering You have configured the DHCP server on a FortiGate's port1 interface (or internal, depending on the model) to offer IPs in a range of 192.168.1.65-192.168.1.253. When the first host sends a DHCP request, what IP will the DHCP offer? 192.168.1.65 When an administrator attempts to manage FortiGate from an IP address that is not a trusted host, what happens? FortiGate will drop the packets and not respond. Is Database Auditing a FortiGate feature? No. When a new administrator account is assigned the "prof_admin" profile, can it reset forgetten passwords of other administrator accounts such as "admin"? No. If you have lost your password for the "admin" account on your FortiGate, how should you reset it? (3 Steps) 1. Power off the FortiGate. 2. After several seconds, restart it. 3. Via the local console, within 30 seconds after booting has completed, log in as "maintainer" and enter the CLI commands to set the password for the "admin" account. A backup file begins with this line: #config-version=FGVM64-5.02-FW-build:opmode=0:vdom=0:user=admin #conf_file_ver= #buildno=0589 #global_vdom=1 Can you restore it to a FortiGate 60D? No, this is for a FortiGate VM 64. If you upload a new firmware image via the boot loader's menu from a TFTP server, will your configuration be preserved? No. If you upload new firmware via the GUI or CLI, and are following a supported upgrade path, will your configuration be preserved? FortiOS will attempt to convert the existing configuration to be valid with any new or changed syntax. So yes, mostly. FortiGuard gives package updates for which features? Antivirus and IPS FortiGuard gives live queries for which features? Web and Email Gateway What is the most common mode for a FortiGate? NAT What mode other than NAT can a FortiGate be in? Transparent Will a soft reboot enable you to reset admin password if you were to forget it? No, only a hard reboot will work. If you disable maintainer mode and then lose your admin password, are you ****ed? Yupp, totally ****ed. Can you view reports in the CLI? No. Can you use diagnostic commands in the GUI? No. What is FortiExplorer used for? Used via mobile device to help deploy your FortiGate. Configures network addresses and can be integrated into your network to configure other Fortinet appliances. Do you have to create admin accounts in the management console? No, you can also do it on a remote authentication server. What is best practice when configuring permissions for certain admins? Do not give everyone all the permissions. Only give certain ones to certain people. That way, if someone is compromised you aren't totally ****ed. What are Virtual Domains? A way of subdividing resources and configurations on a single FortiGate. What do you need to do to enable MFA on your FortiGate? Configure it to send emails or texts via a server. If you leave an IP as 0.0.0.0, what does that mean? Any IP. If you set 0.0.0.0 as a trusted IP, then any IP can get through which is no bueno. What are some perks to restricting concurrent sessions? You do not accidentally override settings. Prevents conflicts with multiple people editing the same thing at the same time. What perk do you get from shutting down unused ports? People can't just plug into your firewall and do whatever they want. If the port is not on, then they would be SOL. What must every interface that handles traffic have? An IP Address Does FortiGate have a built in DHCP server? Yes. Can FortiGate act as a local DNS server? Yes. What can a FortiGate acting as a DNS server do? It can improve FortiMail performance, configure hosts to use FortiGate as a gateway and DNS host, act as a DNS relay, etc. What does FortiGate need to have before you can integrate it into your network? A default gateway. What do you need to decrypt a backup file? (2 things) The password and the proper FortiGate model. What do you need to access and unecrypted backup file? The proper model FortiGate. What are the ways FortiGate can monitor logs? (3 things) Email Alerts, SNMP, and Alert Message Console. There are eight (8) log severity levels that indicate the importance of an event. Not including Debug, which is only needed to log diagnostic data, what are both the lowest AND highest severity levels? Information and Emergency In a Crash log, what does a status of 0 indicate? Normal shutdown with no abnormalities. Where are most of the security events logged? Forward Traffic Log What log type would indicate whether a VPN is going up or down? Event log What determines whether a log message is generated or not? Firewall Policy Setting What does every log entry include? A log level in order of importance Where can you store logs? (7 places) FortiGate Memory, FortiGate Hard Drive, Syslog, FortiCloud, SNMP, FortiAnalyzer, and FortiManager What is the primary purpose of FortiAnalyzer? Storage for log data What is the primary purpose of FortiManager? To centrally manage multiple FortiGate devices. What are the three types of logs? Traffic, Event, and Security. What are the four subtypes of Traffic logs? Forward, Local, Invalid, and Multicast What are the three subtypes of Event logs? System, User, Log Entries related to specific features (VPN, Cahce, etc.). Are Security logs shown by default? No. What Security events will only appear in the Security log instead of Forward Traffic log like most others? DLP and Intrusion Scanning What do you need to do in order to allow alert emails? Configure an SMTP server. The option of alert emails will not even appear unless this is done. How many logs can you configure at a time? Up to 4. Why do you need to think carefully about what you log? The more logs, the more strain on the CPU and storage. What are Event Logs made up of? System info generated by the FortiGate, not traffic info. When is an event logged to the crash log? Whenever a process is closed (purposefully or not).