EXAMEN1:
Which data center FortiGate model has 40G ports? FortiGate 500D FortiGate 1500D FortiGate 3700D FortiGate 3810D
Which data center FortiGate model has 100G ports? FortiGate 500D FortiGate 1500D FortiGate 3700D FortiGate 3810D
Which FortiASIC is used to accelerate firewall performance? performance? Content Processor CPU Network Processor Switching Processor
How many individual FortiGuard services are available to FortiGate appliances? 4 5 7 8
Where are virtual machine firewall appliances typically deployed? Campus edge Data center Small or branch office Cloud
Which FortiASIC is used to accelerate NGFW performance? Content Processor CPU Network Processor Switching Processor
What integration is required for SDN Functionality? Different Hypervisor Support Orchestration API Support Virtual machine Firewall Flexible Management Software
How many elements make up the High Performance Integrated Network Security Platform? 3 4 5 6
What type of Firewall is used for data center north-south traffic? NGFW Appliance High Speed Data Center Firewall Virtual machine Firewall UTM
What type of firewall is used for data center east-west traffic? NGFW Appliance High Speed Data Center Firewall Virtual machine Firewall UTM
What length of contract (term) options are available for licensing FortiGuard and FortiCare services with a FortiGate purchase? 1 year only 1 and 2 year options 1, 2 and 3 year options 3 years only
Where are UTM appliances typically deployed? Campus edge Data center Small or branch office Cloud
Which FortiGate models have been tested by NSS in 2014 for NGFW Performance? (select all that apply) FortiGate 500D FortiGate 1500D FortiGate 3600C FortiGate 3700D
Which of the following is the core element of the High Performance Integrated Network Security Platform? Threat Intelligence Services Management and Analytics Application and Wireless Security
Virtualization and Cloud FortiGate Firewall Platform
Which is a typical Data Center Firewall throughput range? 1 - 100Mbps 1- 1Gbps 1- 20Gbps 10 – 100Gbps
What type of Firewall is used for data center north-south traffic? NGFW Appliance High Speed Data Center Firewall Virtual machine Firewall UTM
Which FortiGate models are typically used in the data center? FortiGate 30-90 Series FortiGate 100 – 800 Series FortiGate 1000 – 3000 Series FortiGate 7000 Series
How are FortiCare service prices calculated? As a % of the software price As a % of the hardware price Independent of the hardware price Fixed price regardless of the FortiGate model chosen
Which is a typical NGFW throughput range? 1 - 100Mbps
1- 1Gbps 1- 20Gbps 10 – 100Gbps
Which of the following is not a key FortiGate differentiator? FortiGuard Threat Research & Security Updates Industry Leading Price Network & Security Convergence Industry Leading Price/Performance
EXAMEN 2 FortiGate delivers 5x the performance of other NGFWs because of which technology?
Distributed Packet Selection Content Cache Evaluation Custom ASICs The primary reason a customer would buy a Next Generation Firewall is:
To protect a data center from a DDoS attack. To secure the enterprise edge from network-based threats. To provide wireless connectivity to guest users.
What elements must you purchase to get an NGFW solution from Fortinet?
FortiGate model FortiGuard services Both FortiGate model and FortiGuard services True or false, an NGFW can identify an application amid the total traffic flowing through the firewall appliance regardless of the port it uses?
True False FortiGuard’s services receive top ratings from which independent industry test service?
Virus Bulletin AV Comparatives NSS Labs All of the above FortiGate NGFWs are available as:
Hardware appliances Virtual appliances Both hardware and virtual appliances Which FortiGuard service is used by FortiGate NGFWs?
Endpoint DDoS IPS
All of the above True or false, FortiGuard provides the NGFW services for FortiGate?
True False True or false, a top reason a customer would buy a Next Generation Firewall is to get additional protection against advanced threats and to reduce risk of data breach:
True False The main customer segment for Next Gen Firewalls is:
Enterprise Data Center Small/Home Office
EXAMEN 3 Which of the following are feasible locations to deploy a firewall in the data center?
At the data center edge At the data center core Top-of-rack All of the above
Which of the following is a correct statement about Virtual Domain functionality?
Virtual Domains are used to give hackers the appearance of firewall protection in lieu of an actual firewall appliance Virtual Domains allow a single FortiGate appliance to be divided up into multiple logical firewall instances that can be managed and configured independently. Virtual Domains are used only when protecting virtualized servers.
Which of the FortiGate product lines offer NP6 ASIC acceleration, high 10GbE port density, AND high-speed 40/100 GbE interfaces?
All entry-level, mid-range, and high-end FortiGate product lines High-end FortiGate product lines (1000 to 5000-series) Only carrier-grade FortiGate 5000-series chassis and blade solution
What was a given customer scenario when high connections/second and concurrent user sessions were important firewall performance criteria?
Massive numbers of mobile users accessing data center services at the same time during peak periods Online shoppers cannot check out due to poor web site design and keep logging in over and over Researchers transferring very large data sets from remote scientific instruments There are never scenarios where connections/sec and concurrent user sessions matter; firewall throughput is the only thing that matters
What did several key industry analysts cite as a primary reason Fortinet has ascended to be a top vendor in carrier and enterprise data center firewalls?
Strong security appliance performance and price Aggressive marketing and branding efforts Direct sales channels that bypass the middleman
Which of the following statements is correct about security functions available in FortiGate data center firewalls?
They deliver very high firewall throughput, but as a tradeoff do not have intrusion prevention or antivirus functionality in the box All FortiGates offer firewall, intrusion prevention, antivirus and other security functionality built into a common platform To use multiple security functions, multiple virtual domains must be configured - one VDOM must be configured for firewall, another for intrusion prevention, etc.
Which is a correct statement about the hardware IPv6 capabilities of the latestgeneration FortiASIC NP6 network processors?
The FortiASIC NP6 cannot yet handle IPv6 packet forwarding The FortiASIC NP6 can forward IPv6 packets, but at a slower rate than IPv4 packets The FortiASIC NP6 can forward IPv6 packets at the same rate as IPv4 packets
TRUE or FALSE – For firewall throughput above 100Gbps, customers must always choose a chassis-based solution from vendors, because the power and thermal requirements are just too much for compact appliance form factors.
True False
The latest generation FortiASIC NP6 can forward 45 million IPv4 packets per second (pps). What is its IPv6 forwarding performance in comparison?
1 million packets per second 4.5 million packets per second 45 million packets per second 100 million packets per second
What is a key reason FortiGate firewalls are much more power efficient than competing vendor solutions?
FortiGate firewalls use custom ASICs that consume one-tenth the power of general purpose Intel CPUs FortiGate firewalls offer slow network speeds in o rder to conserve power FortiGate firewalls run on battery packs to draw l ess power from the plug
EXAMEN 4 The primary reason a customer would buy a UTM device is:
To sandbox malicious threats before they are able t o attack applications. To connect and secure small and branch office networks. To provide wireless connectivity to guest users. FortiGate appliances support which WAN connectivity technologies:
Cable, DSL, 3G/4G, Satellite, Dial-up Only dial-up Bluetooth True or false, FortiGate appliances provide reduced complexity, simplified management and reduced training costs?
True False True or false, a top target customer segment for UTM is Large Data Centers?
True False FortiGate appliance provide which FortiGuard Services:
Antivirus serivce only Antivirus and anti-spam services only Web filtering, antivirus and anti-spam services Web filtering, antivirus and Web application security services True or false, a UTM’s main function is to enable 2-factor authentication for an enterprise?
True False True or false, FortiGate appliances are used primarily to accelerate application delivery performance?
True False
FortiGate appliances are available as:
Hardware-only appliances Virtual-only appliances Both hardware and virtual appliances True or false, a UTM device is needed most by organizations that need to protect Web applications?
True False True or false, a UTM device is needed most by organizations that need to protect against DDoS attacks?
True False If a customer needs a consolidated security device including firewall, VPN, IPS, antivirus, anti-spam, and web filtering, to connect and secure small and branch office networks, they most likely will need:
A UTM appliance A DDoS Attack Mitigation Appliance A Web Application Firewall If an organization needs to connect and secure small and branch offices, they most likely will need:
A Web Application Firewall A UTM device 2-factor authentication True or false, a primary reason a customer would buy a UTM device is to protect applications from code-based vulnerabilities before they are able to attack applications?
True False
EXAMEN 6 Advanced threats focus on
Getting access to corporate users email Disguising themselves in order to slip past known securit y detection Overwhelming and consuming available internet bandwidth Creating situations where services are unavailable to users Which growing cyber challenges does a malicious hacker use to his benefit in planning an attack?
Growing attack surface Integrated attack transit Accelerated threat volume All of the above True or False, FortiGuard Security Services are designed for both physical and virtual security solutions.
True False Which security service is the most resource/compute intensive?
IPS Antivirus Anti–spam Web filtering The three steps in Fortinet’s Advanced Threat Protection system are:
Detect, analyze, share Prevent, detect, mitigate Block, allow, remediate Synergistic development of your security services will deliver:
a. The most effective network performance b. Layered security with no redundancy c. Both a. and b. True or False , A single CPRL signature can catch many variants of a single malware, including new ones
True
False The main purpose of the Fortinet Advanced Threat Protection system is :
To deliver effective prevention by turning unknown threats into known threats, and providing consistent protection globally To organize security and networking products by threat category To provide a set of qualifying questions on ATP attacks to our customers Which of the below elements indicate a growing, more sophisticated cybercrime society/ecosystem?
Education and training Storefront , Service economy Specialty / Diversity All of the above Which Fortinet solution does NOT leverage FortiGuard Labs’ threat intelligence?
FortiGate FortiSandbox FortiSwitch FortiMail What is FortiGuard Labs?
Fortinet’s in-house security research and response team A threat research team that constantly monitors the evolving threat landscape globally A team that develops new adaptive defense tools to help protect against multi-vector Zero-day attacks. All of the above What type of attack element can the Anti-spam Service help prevent?
Creating a botnet Getting control over an application Serving email with a malicious link What type of attack element can Web filtering help prevent?
Botnet creation Manipulation of end users leading to access of malicious websites Getting control over an application
