FCNSP Exam Questions

What are the requirements for a cluster to maintain TCP connections after device or link failover? (Select all that apply.)

Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of 'diag sys session stat' for the STUDENT device. Exhibit B shows...

Which of the following statements are correct about the HA diag command diagnose sys ha reset- uptime? (Select all that apply.)

In HA, the option Reserve Management Port for Cluster Member is selected as shown in the Exhibit below. Fortinet FCNSP Exam Which of the following statements are correct regarding...

Review the IPsec diagnostics output of the command diag vpn tunnel list shown in the Exhibit below. Which of the following statements are correct regarding this output? (Select all...

Examine the Exhibit shown below; then answer the question following it. Fortinet FCNSP Exam In this scenario, the Fortigate unit in Ottawa has the following routing table: S* 0.0.0...

Examine the two static routes to the same destination subnet 172.20.168.0/24 as shown below; then answer the question following it. config router static edit 1 set dst 172.20.168.0...

Examine the Exhibit shown below; then answer the question following it. The Vancouver FortiGate unit initially had the following information in its routing table: S 172.20.0.0/16 [...

Examine the static route configuration shown below; then answer the question following it. config router static edit 1 Fortinet FCNSP Exam set dst 172.20.1.0 255.255.255.0 set devi...

In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate unit when searching for a suitable gateway?

Shown below is a section of output from the debug command diag ip arp list. index=2 ifname=port1 172.20.187.150 00:09:0f:69:03:7e state=00000004 use=4589 confirm=4589 update=2422 r...

Review the output of the command get router info routing-table database shown in the Exhibit below; then answer the question following it. Which of the following statements are cor...

Review the output of the command config router ospf shown in the Exhibit below; then answer the question following it. Fortinet FCNSP Exam Which one of the following statements is...

Review the output of the command get router info routing-table all shown in the Exhibit below; then answer the question following it. Which one of the following statements correctl...

Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.)

In Transparent Mode, forward-domain is an attribute of ______________.

Which of the following statements are TRUE for Port Pairing and Forwarding Domains? (Select all that apply.)

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit?

An administrator logs into a FortiGate unit using an account which has been assigned a super_admin profile. Which of the following operations can this administrator perform?

The diag sys session list command is executed in the CLI. The output of this command is shown in the exhibit. Fortinet FCNSP Exam Based on the output from this command, which of th...

A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. Which of the following items would an admi...

What is the effect of using CLI "config system session-ttl" to set session_ttl to 1800 seconds? Fortinet FCNSP Exam

Which of the following statements is correct about how the FortiGate unit verifies username and password during user authentication?

Which of the following statements are correct regarding the configuration of a FortiGate unit as an SSL VPN gateway? (Select all that apply.)

Which of the following statements is correct about configuring web filtering overrides?

The FortiGate Server Authentication Extensions (FSAE) provide a single sign on solution to Fortinet FCNSP Exam authenticate users transparently to a FortiGate unit using credential...

Bob wants to send Alice a file that is encrypted using public key cryptography. Which of the following statements is correct regarding the use of public key cryptography in this sc...

Which of the following statements is correct based on the firewall configuration illustrated in the exhibit?

Which of the following statements is correct regarding the antivirus scanning function on the FortiGate unit? Fortinet FCNSP Exam

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the AntiVirus and Email Filter profil...

Which of the following describes the best custom signature for detecting the use of the word "Fortinet" in chat applications?

An administrator is examining the attack logs and notices the following entry: type=ips subtype=signature pri=alert vd=root serial=1995 attack_id=103022611 src=69.45.64.22 dst=192....

An administrator is examining the attack logs and notices the following entry: device_id=FG100A3907508962 log_id=18432 subtype=anomaly type=ips timestamp=1270017358 pri=alert itime...

Which of the following items are considered to be advantages of using the application control features on the FortiGate unit? Application control allows an administor to:

Which of the following features could be used by an administrator to block FTP uploads while still allowing FTP downloads?

An organization wishes to protect its SIP Server from call flooding attacks. Which of the following configuration changes can be performed on the FortiGate unit to fulfill this req...

Which spam filter is not available on a FortiGate device?

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?

Fortinet FCNSP Exam Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?

Which of the following describes the difference between the ban and quarantine actions?

An administrator is configuring a DLP rule for FTP traffic. When adding the rule to a DLP sensor, The administrator notes that the Ban Sender action is not available (greyed-out),...

When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit. Which of the following statements is correct regarding this entry?

The following ban list entry is displayed through the CLI. get user ban list id cause src-ip-addr dst-ip-addr expires created 531 protect_client 10.177.0.21 207.1.17.1 indefinite W...

Which of the following statements is correct regarding the NAC Quarantine feature?

Which of the following DLP actions will override any other action?

Which of the following DLP actions will always be performed if it is selected?

The transfer of encrypted files or the use of encrypted protocols between users and servers on the internet can frustrate the efforts of administrators attempting to monitor traffi...

A DLP rule with an action of Exempt has been matched against traffic passing through the FortiGate unit. Which of the following statements is correct regarding how this transaction...

The following diagnostic output is displayed in the CLI: diag firewall auth list policy iD. 9, srC. 192.168.3.168, action: accept, timeout: 13427 user: forticlient_chk_only, group:...

Which of the following cannot be used in conjunction with the endpoint compliance check?