[FREQUENTLY ASK] FortiAnalyzer Interview Questions and Answers

Last updated on 17th Nov 2021, Blog, Interview Questions

About author

Muhila (Firewall Checkpoint & Fortigate )

Muhila is a Firewall Checkpoint & Fortigate with 7+ years of strong experience in using emerging technologies, such as machine learning (ML) and neuro-linguistic programming (NLP) and experience in C# and VB.NET to edit recordings or create custom tests.


    If you’re looking for FortiAnalyzer Interview Questions & Answers for Experienced or Freshers, you are in the right place. There are a lot of opportunities from many reputed companies in the world. According to research, FortiAnalyzer has a market share. So, you still have the opportunity to move ahead in your career in FortiAnalyzer Engineering. ACTE offers Advanced FortiAnalyzer Interview Questions that help you crack your interview and acquire a dream career as a FortiAnalyzer Engineer.


    1.What are the fundamentals of FortiAnalyzer?

    Ans:

      FortiAnalyzer is a platform that integrates network logging, analysis, and reporting into a single system, delivering increased knowledge of security events throughout your network. FortiAnalyzer products minimize the effort required to scrutinize and maintain policies, as well as identify attack patterns to help us fine-tune organizational policies. In short, FortiAnalyzer provides Centralized Logging, Analysis, and Reporting on a Virtual Platform.

    2.What are the features and benefits of FortiAnalyzer virtual appliances?

    Ans:

      The following are the features and benefits provided by FortiAnalyzer virtual appliances:

    • FortiAnalyzer virtual appliances provide over 550 reports and customizable charts, which help to monitor and maintain acceptable use policies, identify attack patterns, and demonstrate policy compliance.
    • FortiAnalyzer’s network capacity and utilization data reporting allow efficient management of the networks.
    • The scalable architecture of FortiAnalyzer allows the devices to run in collector or analyzer modes for optimized log processing.
    • Advanced inbuilt features within FortiAnalyzer such as event correlation, forensic analysis, and vulnerability assessment provide essential tools for in-depth protection of complex networks.
    • Secure data aggregation from multiple FortiGate and FortiMail appliances provides compliance to the entire network.

    3.How does FortiAnalyzer enhance visibility within its platforms?

    Ans:

      FortiAnalyzer provides services such as security event analysis, forensic research, reporting, content archiving, data mining, malicious file quarantining, and vulnerability management to organizations of any size from a centralized location. Its centralized collection, correlation, and analysis of diverse chronological and geographical security data from Fortinet appliances and third-party devices deliver a simplified, consolidated view of an organization’s threat exposure.

    4.How does FortiAnalyzer manage information related to security events?

    Ans:

      We can save time by installing a FortiAnalyzer platform in the existing security infrastructure, creating a single view of the security events, archived content, and vulnerability assessments. FortiAnalyzer platforms pull the entire range of data from Fortinet solutions, including traffic, event, virus, attack, content filtering, and email filtering. This removes the manual search of multiple log files when performing forensic analysis and network auditing. The FortiAnalyzer platform’s centralized data archiving, file quarantine, and vulnerability assessment further reduce the time taken to manage the range.

    5.What factors determine the choice between hardware and virtual appliances?

    Ans:

      Most organizations use less than the required hardware IT infrastructure or virtual IT infrastructure today because of budget constraints. This creates a need for both hardware and virtual appliances within a security strategy. FortiAnalyzer can be installed as either a hardware or a virtual appliance to fit the environment, which includes a mix of virtual and physical IT infrastructure. FortiAnalyzer has the capability to log events from FortiOS-based hardware appliances, virtual appliances, or a combination of both.

    6.What are the benefits of Network Event Correlation?

    Ans:

      The element known as event correlation plays a key role in integrated management. Network Event Correlation allows the system administrator to quickly identify and react to network security threats across the organization's network.

    7.What do the graphical summary reports show?

    Ans:

      Graphical summary reports provide detailed events, activities, and trends occurring on FortiGate and third-party devices on the entire network.

    8.How do we benefit from FortiAnalyzer’s performance to upscale capacity?

    Ans:

      FortiAnalyzer family models support thousands of FortiGate and FortiClient agents, and can dynamically scale storage based on retention and compliance requirements.

    9.What are the benefits of FortiAnalyzer Centralized Logging of Multiple Record Types?

    Ans:

      These records include traffic activity, system events, viruses, attacks, Web filtering events, and messaging activities and data. System administrators can scrutinize the entire network from one single location.

    10.What are the benefits of FortiAnalyzer Seamless Integration with the Fortinet Products?

    Ans:

      The close integration with Fortinet products maximizes performance and allows FortiAnalyzer resources to be managed efficiently from FortiGate or FortiManager user interfaces.

    11.What are the benefits of running FortiAnalyzer in Standalone, Collector, or Analyzer mode?

    Ans:

      FortiAnalyzer can be installed as an individual unit, or optimized for specific operations. The choice depends on the location and the utility that is required. Not every company requires all the features and benefits of FortiAnalyzer.

    12.How do we benefit from FortiAnalyzer’s Versatile Management Solutions?

    Ans:

      Key elements of FortiAnalyzer’s management versatility are:-

    • Diversity of form factors.
    • Architectural flexibility.
    • Highly customizable.
    • Simple licensing.

    13.How does FortiAnalyzer differ from Traditional methods?

    Ans:

      Threats are constantly evolving within networks, such as organizational growth or new regulatory and business requirements. Traditional methods focus on recording and identifying network threats through logging, analysis, and reporting over time. FortiAnalyzer provides enterprise-class features to not only identify these threats but also provide flexibility to evolve along with the ever-changing network. FortiAnalyzer can generate highly customized reports for organizational requirements while aggregating logs in a hierarchical, tiered logging topology.

    14.What do you understand by Content Logging & Data Mining?

    Ans:

      Log aggregation and archiving are critical nowadays in identifying security threats and managing network usage. In addition to in-depth analysis, real-time logging, and reporting, FortiAnalyzer facilitates detailed content logging of user activities and network traffic. Activities can be scrutinized in real-time, archived, and later analyzed as per the need. Activities can be tracked user-wise, protocol, source, destination, etc., and the actual content exchanged in a session is available. Content logging is not only critical in order to implement regulatory mandates such as HIPAA and SOX compliance but absolutely needed to enforce acceptable use policies and protect important corporate assets and intellectual property.

    15.What is a Vulnerability Scanner?

    Ans:

      FortiAnalyzer’s integrated vulnerability scanner identifies vulnerabilities on a host server, such as a mail server, FTP server, or any other UNIX or Windows host, and produces vulnerability reports accordingly showing the potential weaknesses to attacks that may exist for a selected device.

    16.What Granular Information do we get with the help of FortiAnalyzer?

    Ans:

      The FortiAnalyzer User Interface (UI) lets system administrators dig deep into security log data to provide the granular level of reporting necessary to understand what is happening on the entire network. Historical or real-time data allows network administrators to analyze log and content information, as well as the traffic of the entire network. The advanced forensic analysis tools allow the network administrator to track user activities to the content level.

    17.What is Log Browser?

    Ans:

      Log Browser lets us view log files or messages from the registered devices. We can easily filter the log files and messages to drill down and locate specific information.

    18.What are the FortiAnalyzer’s Supporting Devices?

    Ans:

    • FortiGate Multi-Threat Security Systems.
    • FortiMail Email Security Systems.
    • FortiClient Mobile End-Point Security.
    • FortiClient PC End-Point Security.
    • FortiManager Centralized Management.
    • Any Syslog-Compatible Device.

    19.How can we edit FortiAnalyzer’s IP Address?

    Ans:

      To edit the FortiAnalyzer VM IP address we need to perform the following steps:-

    • In the toolbar select Asset > Manage/View Products, which opens the View Products page.
    • Select the FortiAnalyzer VM serial number and the Product Details page opens.
    • Select Edit to change the description, partner information, and IP address of the specific FortiAnalyzer VM.
    • Then the Edit Product Info page opens.

    20.What do you mean by Thick Provision Lazy Zeroed?

    Ans:

      Thick provision lazy zeroed is the process of allocating space within the storage for a virtual machine (VM) disk that creates a virtual disk in a default thick format. Thick provisioning means all the space designated for the virtual disk files is reserved when the virtual machine is created.

    21.What is Thick Provisioning Eager Zeroed?

    Ans:

      Thick provisioning eager zeroed is a VMware provisioning process that generates a virtual machine (VM) disk in a default thick format. Thick provision eager zeroed supports clustering features such as VMware Fault Tolerance, a component of VMware vSphere that provides high availability (HA) for enterprise software applications.

    22.What is Thin Provisioning?

    Ans:

      Thin provisioning (TP) is a process of maximizing the efficiency with which the available space is utilized in storage area networks (SAN). Thin Provisioning functions by allocating disk storage space in a flexible manner among multiple users, based on the minimum space required by each user at any given time.

    23.What is traditional storage provisioning?

    Ans:

      Storage provisioning is the process of assigning storage, usually in the form of server disk drive space, in order to optimize the performance of a storage area network (SAN). Traditionally, this has been done by the SAN administrator, and it can be a tedious process.

    24.What is fetching?

    Ans:

      We can fetch offline reports, which are compressed logs from one FortiAnalyzer unit to a second FortiAnalyzer unit where the logs can be automatically indexed in the database to support data analysis on the Log View, FortiView, and Reports tabs. The fetch feature in FortiAnalyzer allows system administrators to analyze data from compressed logs without affecting the performance of the primary FortiAnalyzer unit because the process of fetching logs happens in the background.

    25.How many Panes does FortiAnalyzer have and what are its functions?

    Ans:

      Generally, FortiAnalyzer’s pane has four primary parts: the banner, toolbar, tree menu, and content pane.

    • Banner is on the top of the page; which includes the home button (Fortinet logo), tile menu, ADOM menu (when enabled), admin menu, notifications, and help button.
    • The tree menu is on the left side, which includes the menus for the selected pane. It is not available in Device Manager.
    • The Content pane consists of widgets, lists, configuration options, or other information, depending on the pane, menu, or options that have been selected. Most management tasks are handled in the content pane.
    • The toolbar is directly above the content pane; which includes options for managing content in the content pane, such as Create New and Delete.
    • To switch between panes, we should either select the home button to return to the homepage or select the tile menu and then select a new tile.

    26.How can we add a static route?

    Ans:

      Adding a static route in FortiAnalyzer is easy by the following steps:-

      • We need to go to System Settings > Network.
      • After that, we should click the Routing Table button to add an IPv4 static route or the IPv6 Routing Table button to add an IPv6 static route.
      • Then we should click the Create New button. The Create New Network Route pane is displayed.
      • Lastly, we can configure the settings, and click OK to create the new static route.

    27.How can we change administrative access?

    Ans:

    • To change administrative access we should first go to System Settings > Network.
    • By default, port1 settings will be displayed. We can configure administrative access for a different interface.
    • We should click All Interfaces, and select the interface from the list.
    • We should set the IPv4 IP Address/Netmask or the IPv6 Address.
    • After that, we should select one or more Administrative Access types for the interface, and set the default gateway and Domain Name System (DNS) servers followed by clicking on Apply.

    28.How to configure RAID?

    Ans:

    • To configure the RAID level we should go to System Settings > RAID Management.
    • Then we should click Change beside RAID Level, which displays the RAID Settings dialog box.
    • We should select a new RAID level from the RAID Level list, and click OK.
    • The FortiAnalyzer unit will restart itself.
    • The time taken to generate the RAID array depends significantly on the selected RAID level.

    29.How can we replace Hard Disks?

    Ans:

      Whenever a hard disk on a FortiAnalyzer unit fails, it has to be replaced. On FortiAnalyzer devices that support hardware RAID, the hard disk can be replaced while the FortiAnalyzer unit is still running, which is known as hot-swapping. On FortiAnalyzer units with software RAID, the device should be shut down prior to exchanging the hard disk.

    30.What is the difference between a thick and eager zeroed thick virtual disk?

    Ans:

      Most of us are familiar with the difference between a thin-provisioned virtual disk and a thick-provisioned virtual disk. A thick disk’s blocks are allocated when the disk is created, whereas a thin disk’s blocks are not. The difference in performance between a thick disk and an eager zeroed thick disk is very small, but some applications still require eager zeroed thick provisioned disks.

    31.What do you know about Fortinet’s FortiGate?

    Ans:

      FortiGate is a firewall that was released by Fortinet. It enables protection against malware and automated visibility to stop attacks. It includes features like intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection. FortiGate is also equipped with Artificial Intelligence (AI), which helps in proactive threat detection.

    32.What is Fortinet’s history?

    Ans:

      Fortinet was founded in the year 2000 by Ken Xie and Michael Xie (siblings). They released their first product, FortiGate, in the year 2002. Between the years 2000 and 2003, the company raised $13 million in private funding and $30 million in financing. Over the last decade, the company has acquired many security-related software vendors. Fortinet released an AI-powered product called FortiAI in February 2020.

    33.What do you know about Fortinet as an organization?

    Ans:

      Fortinet is an American MNC having over 7000 employees with its headquarters at Sunnyvale, California. Fortinet provides security-driven networking solutions such as firewalls, anti-spam, endpoint security, spyware, anti-virus, etc. Fortinet also announced a technical certification program called Network Security Expert (NSE) to enable more developers on cybersecurity.

    34.What is Traditional Firewall?

    Ans:

      A traditional firewall is a device that controls the flow of traffic that enters or exits the network. It either uses a stateless or stateful method to achieve this. It can only track the traffic on 2 to 4 layers.

    35.What is the Next-Generation Firewall?

    Ans:

      The Next-Generation Firewall (NGFW) acts as a deep-packet inspection firewall. It includes all the functionalities of a traditional firewall. Additionally, it provides application awareness, an integrated Intrusion Protection System (IPS), Secure Sockets Layer (SSL) inspection, and Secure Shell (SSH) control.

    36.Explain the differences between a Next-Generation Firewall and a Traditional Firewall.

    Ans:

      The following are the main differences between the traditional firewall and the Next-Generation firewall:

    • The NGFW can find the identity of a user, whereas the traditional firewall can’t.
    • A traditional firewall can only track the traffic based on 2 to 4 layers. The NGFW tracks the traffic through 5 to 7 layers.
    • A traditional firewall only looks at the header, footer, source, and destination of the incoming packets. The NGFW will also look at the data of the incoming packet.

    37.What is UTM?

    Ans:

      Unified Threat Management (UTM) protects users from security threats. It provides a variety of security features in a single platform that can be used by IT teams to address security challenges. It includes functionalities like anti-virus, content filtering, unapproved website access, spyware, etc.

    38.Explain about integrated threat management.

    Ans:

      Integrated threat management is an approach used to face malware such as blended threats, spam, etc. It protects from intrusion at both gateway and endpoint levels. It enables simplified administration by protecting from all threats for every component in a heterogeneous and integrated environment.

    39.What is Security Fabric?

    Ans:

      The Fortinet Security Fabric is defined as a broad, integrated, and automated cybersecurity platform. It provides seamless protection through expanding attack surface, the profusion of endpoints across multiple environments, etc. It increases the speed of operation by linking different tools through a single console and eliminates security gaps.

    40.Name the different encryption mechanisms available in Fortigate Firewall.

    Ans:

      FortiGate uses AES and DES symmetric-key algorithms for encrypting and decrypting data. Some of the algorithms supported by FortiGate are:

    • des-md5
    • des-sha1
    • des-sha256
    • des-sha384
    • des-sha512
    • aes128-md5
    • aes128-sha1

    41.What do you mean by ‘Aware’ in Fortinet Security fabric?

    Ans:

      Security Fabric provides situational awareness to management and enables continuous improvement. It will establish awareness throughout the network, which means understanding threats. It focuses on understanding the flow of data or information across the network. It controls which packet gets to where and to whom.

    42.Explain about ‘Actionable’ in Fortinet Security Fabric.

    Ans:

      Security Fabric provides a unified view of the distributed attack surface. It has a common set of threat intelligence and centralized orchestration. So it correlates global threat intelligence with local network data and delivers actionable threat intelligence to every security device in your network.

    43.Explain the ‘Scalable’ feature in Fortinet Fabric?

    Ans:

      Security should be provided end-to-end at a deep inspection level. Security Fabric’s software not only scales within the environment, but it also scales seamlessly tracking data from IoT and endpoints. It protects the packet data across distributed networks from IoT to the Cloud.

    44. What is FortiGate firewall?

    Ans:

    FortiGate firewall

    45.What are open APIs in Fortinet Security Fabric?

    Ans:

      An organization might have multiple security devices that serve different purposes. Security Fabric provides open APIs that are used to bring these devices from technology partners into an integrated Fortinet security solution. It allows interaction points such as a hypervisor, the SDN orchestration controller, cloud, sandbox, etc.

    46.How is Fortinet’s Fabric-Ready Partner program different from the other partner programs?

    Ans:

      Fortinet Fabric-Ready partner program expands openness by providing integration through open APIs and a variety of scripts using DevOps tools. Fabric connectors allow integration with Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, VMWare NSX, etc. It enables automation of workflows, security policies, and application deployments.

    47.What is a Fortinet Firewall?

    Ans:

      Fortinet firewalls are purpose-built with security processors, mainly used to enable the industry’s best threat protection and performance for SSL-encrypted traffic in an organization. The Fortinet firewall mainly offers granular visibility of applications, user data protection, and secured IoT devices. These appliance firewalls are designed to track any kind of issue.

    48.How can we configure FortiOS to turn on global strong encryption?

    Ans:

      Global encryption means allowing only strong ciphers (AES, 3DES) and digest (SHA1) for HTTPS, SSH, and SSL/TLS. We can use the below command to configure FortiOS.

    49.What is SPU FortiGate?

    Ans:

      Most FortiGate models contain Security Processing Unit (SPU) Content Processors (CPs) that accelerate many common resource-intensive security-related processes. CPs work at the system level with tasks being offloaded to them as determined by the main CPU. … Newer FortiGate units include CP9 processors.

    50.How can you send logs to FortiAnalyzer/ FortiManager in an encrypted format by using GUI?

    Ans:

      Steps are as follows;

    • Go to Log & Report, then select Log Settings and configure Remote Logging to FortiAnalyzer/FortiManager (or select the Encrypt log transmission button).

    51.What does a FortiMail unit do in a transparent mode?

    Ans:

      The FortiMail unit acts as a proxy and does the following operations,

      • Intercepts email messages.
      • Scans for viruses and spam.
      • It sends emails to the destination email server.
      • External MTAs connected to the FortiMail unit.

    52.What are the points that should be considered while mounting a Fortinet firewall (Hardware) in the rack?

    Ans:

      Below are the important points to consider when mounting Fortinet firewalls:

    • First, set the room temperature; it should be within the ambient temperature range specified by the original equipment manufacturer (OEM).
    • Use a reliable power earthing mechanism.
    • Provide adequate system airflow for safe operation.
    • Take adequate precautions for overcurrent management and supply wiring.

    53.Why do we have to deploy a FortiMail unit in transparent mode?

    Ans:

      If the FortiMail unit is operating in transparent mode, then the administrator doesn’t have to configure DNS records for protected domain names.

    54.What actions can be taken against a source IP address generating spam or invalid email messages when using a sender reputation?

    Ans:

      The FortiMail unit calculates a sender reputation score and performs actions based on the threshold:

    • If the score is less than the threshold, the sender can send emails without restrictions.
    • If the score lies between the threshold and a reject threshold, the FortiMail unit will send a temporary failure code while delaying email delivery.
    • If the score is greater than the threshold, the FortiMail unit will send a rejection code.

    55.What is the purpose of a dataset query in FortiAnalyzer?

    Ans:

      FortiAnalyzer datasets are collections of log messages from monitored devices. Charts in FortiAnalyzer are generated based on the datasets. To create a chart, you can use the predefined datasets, or you can create your own custom datasets by querying the log messages in the SQL database on the FortiAnalyzer unit.
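The shape of a custom dataset query, as an added example that is not from the original page or from Fortinet. `$log` and `$filter` are the dataset macros for the log table and the report's device/time filter; the rows are constructed, `run_dataset` is a hypothetical helper, and `sqlite3` with a `ts` column stands in for the unit's SQL log database so the query can be run offline.

```python
import sqlite3

# Dataset text as it would be typed into a custom dataset: top sources of
# denied sessions with the bytes they attempted to move.
DATASET = """
select srcip,
       count(*) as denied_sessions,
       sum(coalesce(sentbyte, 0) + coalesce(rcvdbyte, 0)) as bytes
from $log
where $filter and action = 'deny'
group by srcip
order by denied_sessions desc, srcip
"""

# Constructed traffic-log rows: (ts, srcip, dstip, action, sentbyte, rcvdbyte)
SAMPLE_ROWS = [
    (100, "10.0.0.5", "198.51.100.7", "deny", 60, None),
    (110, "10.0.0.5", "198.51.100.8", "deny", 60, 0),
    (120, "10.0.0.9", "198.51.100.7", "accept", 1200, 5400),
    (130, "10.0.0.9", "198.51.100.9", "deny", 40, None),
    (900, "10.0.0.5", "198.51.100.7", "deny", 60, 0),  # outside the first window
]


def run_dataset(dataset, rows, ts_from, ts_to):
    """Expand the macros against a local table and return the chart rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "create table traffic_log (ts integer, srcip text, dstip text, "
        "action text, sentbyte integer, rcvdbyte integer)"
    )
    db.executemany("insert into traffic_log values (?, ?, ?, ?, ?, ?)", rows)
    # Stand-in for what the report engine does: $log becomes the log table,
    # $filter becomes the time-range condition chosen for the report.
    sql = dataset.replace("$log", "traffic_log")
    sql = sql.replace("$filter", "ts between ? and ?")
    try:
        return db.execute(sql, (ts_from, ts_to)).fetchall()
    finally:
        db.close()


if __name__ == "__main__":
    for srcip, denied, nbytes in run_dataset(DATASET, SAMPLE_ROWS, 0, 500):
        print(f"{srcip:12} denied={denied} bytes={nbytes}")
```

The `coalesce` calls matter because byte counters are often empty on denied sessions, and a null in the sum would otherwise blank the whole total for that source.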

    56.What profile can be used to protect against denial of service attacks?

    Ans:

      FGCP stands for FortiGate Clustering Protocol. This is a proprietary and popular high availability solution offered by Fortinet firewalls. The FortiGate High Availability solution mainly contains two firewalls, which are used for configuring the high availability operation.

    57.What is the FGCP cluster?

    Ans:

      FGCP stands for FortiGate Clustering Protocol. This is a proprietary and popular high availability solution offered by Fortinet firewalls. The FortiGate High Availability solution mainly contains two firewalls, which are used for configuring the high availability operation.

    58.What are the various steps that should be taken by any user before upgrading the firmware of the Fortinet security firewall?

    Ans:

      The steps are as follows;

    • Back up -> store the old configuration.
    • Back up the copy -> then the old.
    • Fortinet firmware can be executed. This is one of the worst-case scenarios.
    • Now the user needs to read the release notes published by the manufacturer. These may contain useful information about the firewall related to bug fixes, performance tests, etc.
    • Finally upgrade the system.

    59.How to take a backup of the Fortinet firewall configuration?

    Ans:

      Use the following CLI commands to back up the configuration:

      • execute backup config management-station
      • execute backup config usb <filename-backup> []
      • For FTP:
      • execute backup config ftp [] [] []
      • For TFTP:
      • execute backup config tftp

    60.What happens if the disk logging is disabled in the FortiGate unit?

    Ans:

      If the hard disk logging is disabled, then the logs are written to flash memory. Constant rewrites to flash drives will reduce the lifetime and efficiency of the memory.

    61.How to disable administrative access from the internet?

      The user can disable administrative access from the outside world through the GUI (user interface) and the CLI. Through the CLI:

    • config system interface
    • edit <interface-name>
    • unset allowaccess
    • end

    62.Write the important CLI command to disable or deactivate auto USB installation?

    Ans:

      The following CLI commands disable or deactivate USB auto-installation:

    • config system auto-install
    • set auto-install-config disable
    • set auto-install-image disable
    • end
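A way to check a saved FortiOS configuration for the settings named in questions 40, 48, 61 and 62: DES/MD5 proposals, `strong-crypto`, administrative access on an internet-facing interface, and USB auto-install. This is an added example, not Fortinet's or the author's code; the sample configuration is constructed, `parse_fortios` and `audit` are hypothetical helper names, and the input is assumed to come from `show full-configuration` so that every setting appears explicitly.

```python
import shlex

WEAK_CIPHERS = {"des"}                       # single DES, 56-bit key
WEAK_DIGESTS = {"md5"}
ADMIN_PROTOCOLS = {"http", "https", "ssh", "telnet"}

# Constructed sample, not taken from a real device.
SAMPLE_CONFIG = '''
config system global
    set hostname "FGT-LAB"
    set strong-crypto disable
end
config system interface
    edit "wan1"
        set ip 203.0.113.10 255.255.255.0
        set allowaccess ping https ssh
    next
    edit "internal"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh
    next
end
config system auto-install
    set auto-install-config enable
    set auto-install-image disable
end
config vpn ipsec phase1-interface
    edit "to-branch"
        set interface "wan1"
        set proposal des-md5 aes128-sha1
    next
end
'''


def parse_fortios(text):
    """Return {section: {entry: {key: [values]}}} for top-level config blocks.

    Settings that are not inside an 'edit' entry are stored under entry ''.
    Nested 'config' blocks inside an entry are skipped.
    """
    tree, section, entry, depth = {}, None, "", 0
    for raw in text.splitlines():
        tokens = shlex.split(raw, comments=True)   # drops '#...' header lines
        if not tokens:
            continue
        word = tokens[0]
        if word == "config":
            depth += 1
            if depth == 1:
                section, entry = " ".join(tokens[1:]), ""
                tree.setdefault(section, {})
        elif word == "end":
            depth -= 1
        elif depth == 1 and word == "edit" and len(tokens) > 1:
            entry = tokens[1]
        elif depth == 1 and word == "next":
            entry = ""
        elif depth == 1 and word == "set" and len(tokens) > 1:
            tree[section].setdefault(entry, {})[tokens[1]] = tokens[2:]
    return tree


def audit(text, external_ifaces):
    """Return (location, finding) tuples; external_ifaces is supplied by the
    operator because the config does not say which ports face the internet."""
    cfg, findings = parse_fortios(text), []

    if cfg.get("system global", {}).get("", {}).get("strong-crypto") != ["enable"]:
        findings.append(("system global", "strong-crypto is not enabled"))

    for name, settings in cfg.get("system interface", {}).items():
        exposed = ADMIN_PROTOCOLS & set(settings.get("allowaccess", []))
        if name in external_ifaces and exposed:
            findings.append((f"interface {name}",
                             "admin access: " + " ".join(sorted(exposed))))

    auto = cfg.get("system auto-install", {}).get("", {})
    for key in ("auto-install-config", "auto-install-image"):
        if auto.get(key) != ["disable"]:
            findings.append(("system auto-install", f"{key} is not disabled"))

    for section in ("vpn ipsec phase1-interface", "vpn ipsec phase2-interface"):
        for name, settings in cfg.get(section, {}).items():
            for proposal in settings.get("proposal", []):
                cipher, _, digest = proposal.partition("-")
                if cipher in WEAK_CIPHERS or digest in WEAK_DIGESTS:
                    findings.append((f"{section} {name}",
                                     f"weak proposal {proposal}"))
    return findings


if __name__ == "__main__":
    for where, what in audit(SAMPLE_CONFIG, {"wan1"}):
        print(f"{where}: {what}")
```

The same `allowaccess` line on `internal` is not reported, which is the point of passing the external interface names in: the finding is about exposure to the internet, not about management access existing at all.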

    63.What is the IPS engine in FortiGate?

    Ans:

      The Fortinet IPS engine is the software that applies IPS and application control scanning techniques to content passing through FortiOS. IPS engine updates include detection and performance improvements and bug fixes.

    64.How does Fortinet provide support in case of any difficulty or issue faced by a network administrator?

    Ans:

      Below are the important options available to resolve any issue;

      • Knowledge base system.
      • Fortinet document library management.
      • Training and Certification provided by communities.
      • Fortinet Video library usage.
      • Discussion forums maintenance.
      • Technical Contact support availability.

    65.Under which circumstances is an e-mail message received by the Fortinet unit subject to the bounce verification antispam check?

    Ans:

      The envelope MAIL FROM field contains a null reverse-path when a bounce verification key is created and activated.

    66.What is NP6Lite?

    Ans:

      NP6 supports offloading of most IPv4 and IPv6 traffic, IPsec VPN encryption, CAPWAP traffic, and multicast traffic. The NP6Lite is a component of the Fortinet SOC3 and is similar to the NP6 but with a lower throughput and some functional limitations (for example, the NP6Lite does not offload CAPWAP traffic).

    67.Which SMTP sessions are defined As Incoming?

    Ans:

      SMTP sessions for the protected domain.

    68.What are administrative domains?

    Ans:

      Administrative domains (ADOMs) enable the admin administrator to constrain the access privileges of other FortiAnalyzer unit administrators to a subset of devices in the device list. For Fortinet devices with virtual domains (VDOMs), ADOMs can further restrict access to only data from a specific VDOM for a device. Enabling ADOMs alters the available functions in the GUI and CLI. Access to the functions depends on whether you are logged in as the admin administrator. If you are logged in as the admin administrator, you can access all ADOMs. If you are not logged in as the admin administrator, the settings in your administrator account determine access to ADOMs.

    69.How to add devices using the wizard?

    Ans:

      To add devices using the wizard:

    • If using ADOMs, ensure that you are in the correct ADOM.
    • Go to Device Manager and click Add Device.
    • Configure the following settings:
    • IP Address: Type the IP address for the device.
    • SN: Type the serial number for the device.
    • Device Name: Type a name for the device.
    • Device Model: Select the model of the device.
    • Firmware Version: Select the firmware version of the device.
    • Description: Type a description of the device (optional).
    • Click Next. The device is added to the ADOM and, if successful, is ready to begin sending logs to the FortiAnalyzer unit.
    • Click Finish to finish adding the device and close the wizard.

    70.How to display historical average log rates?

    Ans:

      To display historical average log rates:

    • If using ADOMs, ensure that you are in the correct ADOM.
    • Go to Device Manager and click the Devices Total tab in the quick status bar.
    • In the Average Log Rate (Logs/Sec) column, click the number to display the graph.
    • Hover the cursor over the graph to display more details.

    71.What is Fabric View?

    Ans:

      The Fabric View module enables you to create fabric connectors and view the list of endpoints. The Fabric View tab is available in version 6.0 ADOMs and later.

    72.What are Fabric Connectors?

    Ans:

      You can use FortiAnalyzer to create the following types of fabric connectors:-

    • ITSM
    • Storage

    73.What is IDS in FortiGate?

    Ans:

      An intrusion detection system (IDS) is an application that monitors network traffic and searches for known threats and suspicious or malicious activity. The IDS sends alerts to IT and security teams when it detects any security risks and threats.

    74.When WAN optimization is configured in active or passive mode, when will the remote peer accept an attempt to initiate a tunnel?

    Ans:

      The attempt will be accepted when there is a matching WAN optimization passive rule.

    75.How does a FortiMail administrator retrieve email account information from an LDAP server instead of configuring this data manually on the unit?

    Ans:

      Configure the LDAP profile sections “User query options” and “Authentication”, then associate the profile to the domain that is locally configured.

    76.When using a sender reputation on a FortiMail unit, which actions can be taken against a source IP address generating spam or invalid E-mail messages?

    Ans:

    • FortiMail Delays the email messages from that source IP address with a temporary failure.
    • FortiMail Rejects the email messages from that source IP address with a permanent failure.
    • FortiMail Quarantines all the email messages from that source IP address.

    77.How does the security feature of Fortinet Security Fabric benefit us?

    Ans:

      Global and local risk intelligence and mitigation information can be shared across individual products to decrease time to protect. Security must not only include powerful security tools for the various places and functions in the network; true visibility and control also need these distinct elements to work together as an integrated security system.

    78.What do we mean by Actionable in Fortinet Security Fabric?

    Ans:

    Fortinet Security Fabric

    79.What do we understand by Open APIs in Fortinet Security Fabric?

    Ans:

      Well-defined, open APIs allow leading technology partners to become part of the fabric. Of course, a true security fabric lets us maximize our existing investment in security technologies. That is why Fortinet has developed a series of well-defined, open APIs that allow technology partners to become a part of the Fortinet Security Fabric. Combined, the Fortinet Security Fabric is able to quickly adapt to the evolving network architecture as well as the changing threat landscape.

    80.Why is the idea of a security fabric so important to network security in this current environment?

    Ans:

      In this futuristic era, companies have to deal with a growing list of issues that put incredible strain on their security capabilities, including the Internet of Things, virtualization, SDN, a growing portfolio of interactive applications, and transitioning to cloud-based networking.

    81.What distinguishes Fortinet’s security fabric approach from other vendors’ attempts at an integrated platform?

    Ans:

      Fortinet distinguishes itself from other vendors with intentionally designed integration beginning with a unified operating system, highly optimized hardware and software processing with unmatched zero-day discovery, and a detection approach that combines behavioral detection, machine learning, and hardware virtualization.

    82.How does Fortinet’s Security Fabric benefit Fortinet’s global partner network of distributors and solution providers?

    Ans:

      Because of its significant and complex character, security continues to be one of the largest opportunities for the channel. Partners that can plan, design, deploy and optimize an integrated security system are finding a growing demand for their skills. By combining traditional security devices and emerging technologies into an integrated security fabric, partners can help their customers collect and respond to intelligence that is more actionable, synchronize risk responses, and centralize the creation, distribution, and orchestration of their security management and further investigation.

    83.How is Fortinet’s Fabric-Ready Partner program different from the partner programs we see other vendors promoting?

    Ans:

      Like many other partner programs, Fortinet’s Fabric-Ready Partner Program brings together best-in-class technology alliance partners. Unlike other approaches, Fortinet’s approach actually allows the partners to deliver pre-integrated, end-to-end security offerings ready for deployment in any organization.

    84.Under which circumstances is an e-mail message received by the FortiMail unit subject to the bounce verification antispam check?

    Ans:

      The envelope MAIL FROM field contains a null reverse-path when a Bounce Verification key is created and activated.

    85.Network Administrator of a FortiMail Unit operating in server mode has been given the requirement to configure disk quotas for all the users of a specific domain. How can the administrator achieve this requirement?

    Ans:

      The network administrator needs to define a disk quota value in a resource profile.

    86.Which operational mode allows the FortiMail unit to operate as a full-featured email server rather than just a mail relay agent?

    Ans:

      In Server Mode, FortiMail operates as a full-featured email server rather than just a mail relay agent.

    87.What is the one reason for deploying a FortiMail unit in transparent mode?

    Ans:

      If the network administrator deploys the FortiMail unit in transparent mode then DNS records do not necessarily have to be modified.

    88.Which SMTP sessions are defined as incoming?

    Ans:

      SMTP sessions for the protected domain are defined as incoming.

    89.Which back-end servers can be used to provide recipient verification?

    Ans:

      LDAP servers and SMTP servers.

    90.A System Administrator Is Concerned By The Amount Of Disk Space Being Used To Store Quarantine Email Messages For Non-existent Accounts. Which Techniques Can Be Used On A FortiMail Unit To Prevent Email Messages From Being Quarantined For Non-existent Accounts?

    Ans:

      Recipient Address Verification should be adopted to prevent E-mail messages from being quarantined for non-existent accounts.

    91.In The Local Storage Structure Of The Fortimail Unit, What Does The Flash Memory Contain?

    Ans:

      The flash memory contains the firmware image along with the system configuration and certificates.

    92.What Method Does The FortiGate Unit Use To Determine The Availability Of A Web Cache Using Web Cache Communication Protocol (WCCP)?

    Ans:

      The web cache sends an “I see you” message which is captured by the FortiGate unit.

    93.What Is One Reason For Deploying A Fortimail Unit In Transparent Mode?

    Ans:

      DNS records do not necessarily have to be modified.

    94.Which Operation Is Performed By The Forged Ip Scanning Technique?

    Ans:

      DNS PTR record lookup on the sender’s IP address then A record lookup on the canonical hostname.
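
The two lookups named in this answer, written out as an added Python example (not FortiMail code and not part of the original page): a PTR lookup on the sender's IP address, then an A lookup on the returned hostname, checking that the original IP is among the results. The verdict strings, the function names and the DNS data in `PTR` and `A` are assumptions constructed for illustration.

```python
import ipaddress
import socket


def system_ptr_lookup(ip):
    """PTR lookup via the system resolver; returns the canonical hostname or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        return None


def system_a_lookup(hostname):
    """A lookup via the system resolver; returns a list of IPv4 address strings."""
    try:
        return socket.gethostbyname_ex(hostname)[2]
    except OSError:
        return []


def forged_ip_check(sender_ip, ptr_lookup=system_ptr_lookup, a_lookup=system_a_lookup):
    """Return 'pass', 'no-ptr' or 'mismatch' (hypothetical verdict names)."""
    ip = ipaddress.ip_address(sender_ip)
    hostname = ptr_lookup(sender_ip)
    if not hostname:
        return "no-ptr"  # no reverse record for the connecting address
    hostname = hostname.rstrip(".").lower()  # normalise the trailing dot and case
    # The forward lookup must lead back to the address that connected.
    for addr in a_lookup(hostname):
        if ipaddress.ip_address(addr) == ip:
            return "pass"
    return "mismatch"  # PTR names a host whose A records do not include the sender


# Constructed DNS data (documentation address ranges), so the example runs offline.
PTR = {"192.0.2.10": "mail.example.com.", "198.51.100.7": "MAIL.example.com"}
A = {"mail.example.com": ["192.0.2.10", "192.0.2.11"]}


def demo():
    """Run the check against the constructed records above."""
    senders = ("192.0.2.10", "198.51.100.7", "203.0.113.5")
    return {s: forged_ip_check(s, PTR.get, lambda h: A.get(h, [])) for s in senders}


if __name__ == "__main__":
    for sender, verdict in demo().items():
        print(sender, verdict)
```

A sender whose PTR record points at a legitimate mail host fails the check when that host's A records do not include the connecting address, which is the case the second sample sender exercises.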

    95.Which Operational Modes Support High Availability?

    Ans:

    • Transparent Mode.
    • Gateway Mode.
    • Server Mode.

    96.Which History Log Field Indicates The Action Taken By The Fortimail Unit Regarding A Specific Email?

    Ans:

      Disposition.

    97.Which High Availability Mode Should An Administrator Choose To Provide Increased Processing Capabilities?

    Ans:

      Config-Only.

    98.Which Operational Mode Allows The Fortimail Unit To Operate As A Full Featured Mail Server Rather Than Just A Mail Relay Agent?

    Ans:

      Server Mode.
