更多"[单选题] What about _______?"的相关试题:
[单选题]what is job?
A.dba
B.pm
C.ceo
[单选题]
What is the primary FortiGate election process when the HA override setting is disabled?
A. Connected monitored ports > System uptime > Priority > FortiGate Serial number
B. Connected monitored ports > HA uptime > Priority > FortiGate Serial number
C. Connected monitored ports > Priority > HA uptime > FortiGate Serial number
D. Connected monitored ports > Priority > System uptime > FortiGate Serial number
[单选题] What language did Tom Hofman speak before he came to Paris?
A. He spoke French.
B. He spoke English.
C. He spoke Japanese.
D. We don’t know
[单选题]
What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall (NGFW)?
A. Full Content inspection
B. Proxy-based inspection
C. Certificate inspection
D. Flow-based inspection
[单选题] What did Hofman come to know when he arrived in Paris?
A. What he said in French could not be understood by people in France.
B. The French people could not speak French as well as he could.
C. He did not know how to talk to a French woman.
D. He knew little of the French grammar.
[单选题]
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel ?
A. FortiGate automatically negotiates different local and remote addresses with the remote peer.
B. FortiGate automatically negotiates a new security association after the existing security association expires.
C. FortiGate automatically negotiates different encryption and authentication algorithms with the remote peer.
D. FortiGate automatically brings up the IPsec tunnel and keeps it up regardless of activity on the IPsec tunnel.
[单选题]
What devices form the core of the security fabric?
A. Two FortiGate devices and one FortiManager device
B. One FortiGate device and one FortiManager device
C. Two FortiGate devices and one FortiAnalyzer device
D. One FortiGate device and one FortiAnalyzer device
[多选题]
Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)
A. For a stronger authentication you can also enable extended authentication (XAuth) to request the remote peer to provide a username and password
B. FortiGate supports pre-shared key and signature as authentication methods.
C. Enabling XAuth results in a faster authentication because fewer packets are exchanged.
D. A certificate is not required on the remote peer when you set the signature as the authentication method.
[多选题]
Which three statements about security associations (SA) in IPsec are correct? (Choose three.)
A. Phase 2 SAs are used for encrypting and decrypting the data exchanged through the tunnel.
B. An SA never expires.
C. A phase 1 SA is bidirectional while a phase 2 SA is directional.
D. Phase 2 SA expiration can be time-based volume-based or both.
E. Both the phase 1 SA and phase 2 SA are bidirectional.
[多选题]
Which two statements about antivirus scanning mode are true? (Choose two.)
A. In proxy-based inspection mode files bigger than the buffer size are scanned.
B. In flow-based inspection mode. FortiGate buffers the file but also simultaneously transmits it to the client.
C. In proxy-based inspection mode antivirus scanning buffers the whole file for scanning before sending it to the client.
D. In flow-based inspection mode files bigger than the buffer size are scanned.
[单选题]
Which statement about the IP authentication header (AH) used by IPsec is true?
A. AH does not provide any data integrity or encryption.
B. AH does not support perfect forward secrecy.
C. AH provides data integrity bur no encryption.
D. AH provides strong data integrity but weak encryption.
[单选题] What did Hofman do as a member of French Language Association in New York?
A. He got to know Mr. Hardy, one of his father’s good friends.
B. He met a French woman.
C. He asked many questions in French.
D. He read a lot of books in French.
[多选题]
What types of traffic and attacks can be blocked by a web application firewall (WAF) profile?
(Choose three.)
A. Traffic to botnetservers
B. Traffic to inappropriate web sites
C. Server information disclosure attacks
D. Credit card data leaks
E. SQL injection attacks
[单选题]
What is the limitation of using a URL list and application control on the same firewall policy in NGFW policy-based mode?
A. It limits the scope of application control to the browser-based technology category only.
B. It limits the scope of application control to scan application traffic based on application category only.
C. It limits the scope of application control to scan application traffic using parent signatures only
D. It limits the scope of application control to scan application traffic on DNS protocol only.
[单选题] What colour _______?
A. is these bags
B. are these bag
C. these bags are
D. are these
[多选题]
Which two statements are true about collector agent standard access mode? (Choose two.)
A. Standard mode uses Windows convention-NetBios: Domain\Username.
B. Standard mode security profiles apply to organizational units (OU).
C. Standard mode security profiles apply to user groups.
D. Standard access mode supports nested groups.
[多选题]
Which of the following statements about central NAT are true? (Choose two.)
A. IP tool references must be removed from existing firewall policies before enabling central NAT.
B. Central NAT can be enabled or disabled from the CLI only.
C. Source NAT using central NAT requires at least one central SNAT policy.
D. Destination NAT using central NAT requires a VIP object as the destination address in a firewall.
[单选题]
Which statement about the policy ID number of a firewall policy is true?
A. It is required to modify a firewall policy using the CLI.
B. It represents the number of objects used in the firewall policy.
C. It changes when firewall policies are reordered.
D. It defines the order in which rules are processed.
[多选题]
Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)
A. Log downloads from the GUI are limited to the current filter view
B. Log backups from the CLI cannot be restored to another FortiGate.
C. Log backups from the CLI can be configured to upload to FTP as a scheduled time
D. Log downloads from the GUI are stored as LZ4 compressed files.
