Page 1

Pass Certification No1. Test Preparation Resource

Fortinet FCNSP Exam Fortinet Certified Network Security Professional

Version = Demo Total Questions in Original Product = 60

http://www.passcertification.com/FCNSP.html


Question: 1

What advantages are there in using a fully Meshed IPSec VPN configuration instead of a hub and spoke set of IPSec tunnels? A. Using a hub and spoke topology is required to achiev full redundancy. B. Using a full mesh topology simplifies configuration. C. Using a full mesh topology provides stronger encryption. D. Full mesh topology is the most fault-tolerant configuration.

Answer: D

Question: 2

What is the effect of using CLI “config system session-ttl� to set session_ttl to 1800 seconds? A. Sessions can be idle for no more than 1800 seconds. B. The maximum length of time a session can be open is 1800 seconds. C. After 1800 seconds, the end user must reauthenticate. D. After a session has been open for 1800 seconds, the FortiGate unit will send a keep alive packet to both client and server.

Answer: A

Question: 3

In a High Availability configuration operation in Active-Active mode, which of the following correctly describes the path taken by a load-balanced HTTP session? A. Request: Internal Host -> Master FG ->Slave FG ->Internet ->Web Server B. Request: Internal Host -> Master FG ->Slave FG ->Master FG -> Internet ->Web Server C. Request: Internal Host -> Slave FG ->Internet ->Web Server D. Request: Internal Host -> Slave FG -> Master FG -> Internet ->Web Server

Answer: B

PassCertification.com- FCNSP Exam Questions and Answers

1


Question: 4

WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? A. The attempt will be accepted when the request comes from a known peer and there is a matching WAN optimization passive rule. B. The attempt will be accepted when there is a matching WAN optimization passive rule. C. The attempt will be accepted when the request comes from a known peer. D. The attempt will be accepted when a user on the remote peer accepts the connection request.

Answer: B

Question: 5

A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit. Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit?

A. The FortiGate unit is considered an unregistered device. B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator. C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges. D. The FortiGate unit is being treated as a syslog device and is only permitted to send log data

Answer: D

PassCertification.com- FCNSP Exam Questions and Answers

2


Pass Certification No1. Test Preparation Resource

Fortinet FCNSP Exam Fortinet Certified Network Security Professional

Version = Demo Total Questions in Original Product = 60

http://www.passcertification.com/FCNSP.html

PassCertification.com- FCNSP Exam Questions and Answers

3

FCNSP Test Free PDF Demo  

Free Fortiner FCNSP Exam Questions and PDFs Demo. You will get 100% Money Back Guarantee. Visit http://www.passcertification.com/FCNSP.html...

Read more
Read more
Similar to
Popular now
Just for you