NSE4 Question #210: Real Exam Question with Answer & Explanation

Question

Which of the following items represent the minimum configuration steps an administrator must perform to enable Data Leak Prevention for traffic flowing through the FortiGate unit? (Select all that apply.)

Options

• AAssign a DLP sensor in a firewall policy.
• BApply one or more DLP rules to a firewall policy.
• CEnable DLP globally using the config sys dlp command in the CLI.
• DDefine one or more DLP rules.
• EDefine a DLP sensor.
• FApply a DLP sensor to a DoS sensor policy.

Explanation

This question outlines the essential configuration steps required to enable and activate Data Leak Prevention (DLP) for network traffic on a FortiGate unit.

Common mistakes.

• B. DLP rules are applied to a DLP sensor, and then the sensor is assigned to a policy; rules are not directly applied to a firewall policy independently of a sensor.
• C. DLP is enabled by configuring sensors and applying them to policies, not by a global CLI command config sys dlp.
• F. A DLP sensor is applied to a firewall policy for data inspection, not to a DoS sensor policy, which serves a different security function.

Concept tested. FortiGate DLP configuration steps

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/469436/data-leak-prevention-dlp

No community discussion yet for this question.