Do not worry about your Fortinet Certification FCNSP exam preparation? Hand over your problems to CertBus in change of the Fortinet Certification FCNSP FortiOS 4.0 GA, FortiAnalyzer 4.0 GA(FCNSP v4.0) certifications! CertBus provides the latest Fortinet Fortinet Certification FCNSP exam preparation materials with PDF and VCEs. We CertBus guarantees you passing Fortinet Certification FCNSP exam for sure.
We CertBus has our own expert team. They selected and published the latest FCNSP preparation materials from Fortinet Official Exam-Center: http://www.certgod.com/FCNSP.html
QUESTION NO: 1
FSSO provides a single sign on solution to authenticate users transparently to a FortiGate unit
using credentials stored in Windows Active Directory.
Which of the following statements are correct regarding FSSO in a Windows domain environment
when NTLM and Polling Mode are not used? (Select all that apply.)
A. An FSSO Collector Agent must be installed on every domain controller.
B. An FSSO Domain Controller Agent must be installed on every domain controller.
C. The FSSO Domain Controller Agent will regularly update user logon information on the
FortiGate unit.
D. The FSSO Collector Agent will retrieve user information from the Domain Controller Agent and
will send the user logon information to the FortiGate unit.
E. For non-domain computers, the only way to allow FSSO authentication is to install an FSSO
client.
Answer: B,D
Explanation:
QUESTION NO: 12
The eicar test virus is put into a zip archive, which is given the password of “Fortinet” in order to
open the archive. Review the configuration in the exhibits shown below; then answer the question
that follows.
Exhibit A – Antivirus Profile:
Exhibit B – Non-default UTM Proxy Options Profile:
Exhibit C – DLP Profile:
Which of one the following profiles could be enabled in order to prevent the file from passing
through the FortiGate device over HTTP on the standard port for that protocol?
A. Only Exhibit A
B. Only Exhibit B
C. Only Exhibit C with default UTM Proxy settings.
D. All of the Exhibits (A, B and C)
E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B).
Answer: C
Explanation:
QUESTION NO: 9
For Data Leak Prevention, which of the following describes the difference between the block and
quarantine actions?
A. A block action prevents the transaction. A quarantine action blocks all future transactions,
regardless of the protocol.
B. A block action prevents the transaction. A quarantine action archives the data.
C. A block action has a finite duration. A quarantine action must be removed by an administrator.
D. A block action is used for known users. A quarantine action is used for unknown users.
Answer: A
Explanation:
QUESTION NO: 3
In a High Availability cluster operating in Active-Active mode, which of the following correctly
describes the path taken by the SYN packet of an HTTP session that is offloaded to a subordinate
unit?
A. Request: Internal Host; Master FortiGate; Slave FortiGate; Internet; Web Server
B. Request: Internal Host; Master FortiGate; Slave FortiGate; Master FortiGate; Internet; Web
Server
C. Request: Internal Host; Slave FortiGate; Internet; Web Server
D. Request: Internal Host; Slave FortiGate; Master FortiGate; Internet; Web Server
Answer: A
Explanation:
QUESTION NO: 4
Which of the following statements are correct regarding virtual domains (VDOMs)? (Select all that
apply.)
A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple,
independent units.
B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates.
C. VDOMs share firmware versions, as well as antivirus and IPS databases.
D. Only administrative users with a \’super_admin\’ profile will be able to enter multiple VDOMs to
make configuration changes.
Answer: A,B,C
Explanation:
QUESTION NO: 6
Data Leak Prevention archiving gives the ability to store files and message data onto a
FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.)
A. SNMP
B. IPSec
C. SMTP
D. POP3
E. HTTP
Answer: C,D,E
Explanation:
QUESTION NO: 11
Examine the Exhibits shown below, then answer the question that follows.
Review the following DLP Sensor (Exhibit 1):
Review the following File Filter list for rule #1 (Exhibit 2):
Review the following File Filter list for rule #2 (Exhibit 3):
Review the following File Filter list for rule #3 (Exhibit 4):
An MP3 file is renamed to ‘workbook.exe’ and put into a ZIP archive. It is then sent through the
FortiGate device over HTTP. It is intercepted and processed by the configuration shown in the
above Exhibits 1-4.
Assuming the file is not too large for the File scanning threshold, what action will the FortiGate unit
take?
A. The file will be detected by rule #1 as an ‘Audio (mp3)’, a log entry will be created and it will be
allowed to pass through.
B. The file will be detected by rule #2 as a “*.exe”, a log entry will be created and the interface that
received the traffic will be brought down.
C. The file will be detected by rule #3 as an Archive(zip), blocked, and a log entry will be created.
D. Nothing, the file will go undetected.
Answer: A
Explanation:
QUESTION NO: 10
How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.)
A. File TypE. Microsoft Office(msoffice)
B. File TypE. Archive(zip)
C. File TypE. Unknown Filetype(unknown)
D. File NamE. “*.ppt”, “*.doc”, “*.xls”
E. File NamE. “*.pptx”, “*.docx”, “*.xlsx”
Answer: B,E
Explanation:
QUESTION NO: 2
Which of the following represents the correct order of criteria used for the selection of a Master
unit within a FortiGate High Availability (HA) cluster when master override is disabled?
A. 1. port monitor, 2. unit priority, 3. up time, 4. serial number
B. 1. port monitor, 2. up time, 3. unit priority, 4. serial number
C. 1. unit priority, 2. up time, 3. port monitor, 4. serial number
D. 1. up time, 2. unit priority, 3. port monitor, 4. serial number
Answer: B
Explanation:
QUESTION NO: 5
What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a fully-
meshed set of IPSec tunnels? (Select all that apply.)
A. Using a hub and spoke topology is required to achieve full redundancy.
B. Using a hub and spoke topology simplifies configuration because fewer tunnels are required.
C. Using a hub and spoke topology provides stronger encryption.
D. The routing at a spoke is simpler, compared to a meshed node.
Answer: B,D
Explanation:
CertBus exam braindumps are pass guaranteed. We guarantee your pass for the FCNSP exam successfully with our Fortinet materials. CertBus FortiOS 4.0 GA, FortiAnalyzer 4.0 GA(FCNSP v4.0) exam PDF and VCE are the latest and most accurate. We have the best Fortinet in our team to make sure CertBus FortiOS 4.0 GA, FortiAnalyzer 4.0 GA(FCNSP v4.0) exam questions and answers are the most valid. CertBus exam FortiOS 4.0 GA, FortiAnalyzer 4.0 GA(FCNSP v4.0) exam dumps will help you to be the Fortinet specialist, clear your FCNSP exam and get the final success.
FCNSP Latest questions and answers on Google Drive(100% Free Download): https://drive.google.com/file/d/0B_3QX8HGRR1mSFB3ZGRJRTI3S28/view?usp=sharing
FCNSP Fortinet exam dumps (100% Pass Guaranteed) from CertBus: http://www.certgod.com/FCNSP.html [100% Exam Pass Guaranteed]
Why select/choose CertBus?
Millions of interested professionals can touch the destination of success in exams by certgod.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
 |  |  |  |  | |
|---|---|---|---|---|---|
 |  | | |  | |
| Brand | Certbus | Testking | Pass4sure | Actualtests | Others |
| Price | $45.99 | $124.99 | $125.99 | $189 | $69.99-99.99 |
| Up-to-Date Dumps |  |  | | | |
| Free 365 Days Update | | | | | |
| Real Questions | | | | | |
| Printable PDF | | | | | |
| Test Engine | | | | | |
| One Time Purchase | | | | | |
| Instant Download | | | | | |
| Unlimited Install | | | | | |
| 100% Pass Guarantee | | | | | |
| 100% Money Back | | | | | |
| Secure Payment | | | | | |
| Privacy Protection | | | | | |