NSE6 Exam Questions
203 real NSE6 exam questions with expert-verified answers and explanations. Page 1 of 5.
- Question #1
When an administrator attempts to manage FortiGate from an IP address that is not a trusted host, what happens?
- Question #2
A backup file begins with this line: #config-version=FGVM64-5.02-FW-build589-140613:opmode=0:vdom=0:user=admin #conf_file_ver=3881503152630288414 #buildno=0589 #global_vdom=1 Can y...
- Question #3
Examine this log entry. What does the log indicate? (Choose three.) date=2013-12-04 time=09:30:18 logid=0100032001 type=event subtype=system level=information vd="root" user="admin...
- Question #4
Where are most of the security events logged?
- Question #5
What determines whether a log message is generated or not?
- Question #6
Which of the following are considered log types? (Choose three.)
- Question #7
What attributes are always included in a log header? (Choose three.)
- Question #8
What log type would indicate whether a VPN is going up or down?
- Question #9
Which correctly define "Section View" and "Global View" for firewall policies? (Choose two.)
- Question #10
What protocol cannot be used with the active authentication type?
- Question #11
When configuring LDAP on the FortiGate as a remote database for users, what is not a part of the configuration?
- Question #12
In "diag debug flow" output, you see the message "Allowed by Policy-1: SNAT". Which is true?
- Question #13
Which is NOT true about the settings for an IP pool type port block allocation?
- Question #14
Which define device identification? (Choose two.)
- Question #15
Which is true of FortiGate's session table?
- Question #16
Which user group types does FortiGate support for firewall authentication? (Choose three.)
- Question #17
Which of the following statements is true regarding the differences between route-based and policy-based IPsec VPNs? (Choose two.)
- Question #18
Which portion of the configuration does an administrator specify the type of IPsec configuration (either policy-based or route-based)?
- Question #19
Which of the following options best defines what Diffie-Hellman is?
- Question #20
How many packets are interchanged between both IPSec ends during the negotiation of a main- mode phase 1?
- Question #21
Which of the following IKE modes is the one used during the IPsec phase 2 negotiation?
- Question #22
Which of the following statements are true about IPsec VPNs? (Choose three.)
- Question #23
What is longest length of time allowed on a FortiGate device for the virus scan to complete?
- Question #24
Which of the following statements is true regarding the TCP SYN packets that go from a client, through an implicit web proxy (transparent proxy), to a web server listening at TCP p...
- Question #25
Which of the following statements is true regarding the use of a PAC file to configure the web proxy settings in an Internet browser? (Choose two.)
- Question #27
Alert emails enable the FortiGate unit to send email notifications to an email address upon detection of a pre-defined event type. Which of the following are some of the available...
- Question #28
Which two web filtering inspection modes inspect the full URL? (Choose two.)
- Question #29
Which protocol can an Internet browser use to download the PAC file with the web proxy configuration?
- Question #30
Which are the three different types of Conserve Mode that can occur on a FortiGate device? (Choose three.)
- Question #31
Files reported as "suspicious" were subject to which Antivirus check"?
- Question #32
Which type of conserve mode writes a log message immediately, rather than when the device exits conserve mode?
- Question #33
Files that are larger than the oversized limit are subjected to which Antivirus check?
- Question #34
A FortiGate device is configure to perform an AV & IPS scheduled update every hour. Given the information in the exhibit, when will the next update happen?
- Question #35
What is the maximum number of different virus databases a FortiGate can have?
- Question #36
Which of the following are possible actions for static URL filtering? (Choose three.)
- Question #37
Which of the following statements are true regarding the web filtering modes? (Choose two.)
- Question #38
Which of the following web filtering modes can inspect the full URL? (Choose two.)
- Question #39
Examine the following log message attributes and select two correct statements from the list below. (Choose two.) status="passthrough" msg="URL belongs to a category with warnings...
- Question #40
Which of the following are possible actions for FortiGuard web category filtering? (Choose three.)
- Question #41
Which of the following actions can be used with the FortiGuard quota feature? (Choose three.)
- Question #42
Which of the following statements are true regarding application control? (Choose two.)
- Question #43
In the debug command output shown in the exhibit, which of the following best described the MAC address 00:09:0f:69:03:7e ?
- Question #44
Which action does the FortiGate take when link health monitor times out?
- Question #45
What must be configured in order to keep two static routes to the same destination in the routing table?
- Question #46
The exhibit is a screen shot of an Application Control profile. Different settings are circled and numbered. Select the number identifying the setting which will provide additional...
- Question #47
How do application control signatures update on a FortiGate device?
- Question #48
Which answer best describes what an "Unknown Application" is?
- Question #49
What actions are possible with Application Control? (Choose three.)
- Question #50
Which is the following statement are true regarding application control? (choose two)
- Question #51
Which of the following fields contained in the IP/TCP/UDP headers can be used to make a routing decision when using policy-based routing? (Choose three)