Scribd Logo
Upload

Welcome to Scribd!

  • 53 views

    Fortinet - Premium.nse6 .By .VCEplus.23q DEMO Premium

    Uploaded by

    Eric ROTICH
    This document provides a 60-question practice exam for the Fortinet NSE6 certification. It includes the exam details such as the exam code, name, provider, corresponding certification, passing score, time limit, and website. It then lists the 60 multiple choice practice questions along with the correct answers and brief explanations for each question. The questions cover topics related to FortiAuthenticator, RADIUS authentication, 802.1X, certificates, and FortiMail. The document also provides links to the company's website, free exam, VCE to PDF converter, Facebook, Twitter, Google+, and LinkedIn pages.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Fortinet - Premium.nse6 .By .VCEplus.23q DEMO Premium

    Uploaded by

    Eric ROTICH
    53 views10 pages
    This document provides a 60-question practice exam for the Fortinet NSE6 certification. It includes the exam details such as the exam code, name, provider, corresponding certification, passing score, time limit, and website. It then lists the 60 multiple choice practice questions along with the correct answers and brief explanations for each question. The questions cover topics related to FortiAuthenticator, RADIUS authentication, 802.1X, certificates, and FortiMail. The document also provides links to the company's website, free exam, VCE to PDF converter, Facebook, Twitter, Google+, and LinkedIn pages.

    Original Title

    Fortinet.premium.nse6 .by .VCEplus.23q DEMO Premium

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document provides a 60-question practice exam for the Fortinet NSE6 certification. It includes the exam details such as the exam code, name, provider, corresponding certification, passing score, time limit, and website. It then lists the 60 multiple choice practice questions along with the correct answers and brief explanations for each question. The questions cover topics related to FortiAuthenticator, RADIUS authentication, 802.1X, certificates, and FortiMail. The document also provides links to the company's website, free exam, VCE to PDF converter, Facebook, Twitter, Google+, and LinkedIn pages.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    53 views10 pages

    Fortinet - Premium.nse6 .By .VCEplus.23q DEMO Premium

    Uploaded by

    Eric ROTICH
    This document provides a 60-question practice exam for the Fortinet NSE6 certification. It includes the exam details such as the exam code, name, provider, corresponding certification, passing score, time limit, and website. It then lists the 60 multiple choice practice questions along with the correct answers and brief explanations for each question. The questions cover topics related to FortiAuthenticator, RADIUS authentication, 802.1X, certificates, and FortiMail. The document also provides links to the company's website, free exam, VCE to PDF converter, Facebook, Twitter, Google+, and LinkedIn pages.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 10

    Fortinet.Premium.NSE6.by.VCEplus.

    60q

    Number: NSE6 VCEplus
    Passing Score: 800
    Time Limit: 120 min
    File Version: 1.0

    Exam Code: NSE6


    Exam Name: Fortinet Advanced Products Professional
    Certification Provider: Fortinet
    Corresponding Certification: NSE6
    Website: www.vceplus.com
    Free Exam: https://vceplus.com/exam-nse6/
    Questions & Answers Exam Engine is rigorously checked before being put up for sale. We make sure there is nothing irrelevant in NSE6 exam products and you
    get latest questions. We strive to deliver the best NSE6 exam product for top grades in your first attempt.

    VCE to PDF Converter : https://vceplus.com/vce-to-pdf/


    Facebook: https://www.facebook.com/VCE.For.All.VN/
    Twitter : https://twitter.com/VCE_Plus
    Google+ : https://plus.google.com/+Vcepluscom
    LinkedIn : https://www.linkedin.com/company/vceplus

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    QUESTION 1
    Which of these is an OATH-based standard to generate one-time password tokens?

    A. SCEP
    B. EAP-TLS
    C. TOTP
    D. HOTP

    Correct Answer: C
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 2
    Which two types of digital certificates can you create in FortiAuthenticator? (Choose two.)

    A. 3rd-party root certificate
    B. Local services certificate
    C. User certificate
    D. CRL

    Correct Answer: BC
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 3
    You are a FortiAuthenticator administrator for a large organization, and suddenly all of the FortiToken 200 users in the organization are unable to authenticate using
    their tokens. What is the most probable reason?

    A. The FortiAuthenticator system time is not synchronized using NTP and has drifted.
    B. The X.509 certificates on the tokens, or the root CA certificate that signed the certificates, have been revoked.
    C. The clocks on all the tokens have drifted and require re-synchronizing.

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    D. The tokens have all been locked.

    Correct Answer: AC
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 4
    Which is not a supported captive portal authentication method?

    A. SMS self-registration
    B. Facebook authentication
    C. Apple ID authentication
    D. MAC address authentication

    Correct Answer: D
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 5
    Which CLI command on FortiAuthenticator is not used for troubleshooting network connectivity issues?

    A. ping
    B. tcpdump
    C. traceroute
    D. NTRADPing

    Correct Answer: D
    Section: (none)
    Explanation

    Explanation/Reference:

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    QUESTION 6
    Which behavior does not exist for certificate revocation lists (CRLs) on FortiAuthenticator?

    A. All local CAs share the same CRLs
    B. CRLs can be exported
    C. Revoked certificates are automatically placed on the CRL
    D. SCEP can be used to distribute CRLs

    Correct Answer: C
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 7
    A device that is 802.1X non-compliant must be connected to the network. Which authentication method can you use to authenticate the device with
    FortiAuthenticator?

    A. EAP-TTLS
    B. EAP-TLS
    C. PEAP (MSCHAPv2)
    D. MAC authentication bypass

    Correct Answer: D
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 8
    Which statements are true for the EAP-TTLS authentication method? (Choose two.)

    A. Uses mutual authentication
    B. Validates only the server (FortiAuthenticator) identity
    C. Requires an EAP server certificate
    D. Supports a port access control (wired) solution only

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    Correct Answer: AC
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 9
    Which statements are true about the FortiAuthenticator CLI? (Choose two.)

    A. The CLI is used for initial configuration, factory resets, and debugging only
    B. The CLI is accessible through the dashboard of the Web-based manager
    C. The CLI is accessible through a terminal emulation application using the SSH protocol
    D. The CLI is used to configure DNS server addresses

    Correct Answer: AC
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 10
    RADIUS authentication with FortiAuthenticator is not working. The traffic sniffer indicates that client traffic is not reaching FortiAuthenticator. Which could be the
    cause of the problem? (Choose two.)

    A. Incorrect RADIUS client IP and pre-shared secret
    B. Group filters on the RADIUS client
    C. Authentication method on the RADIUS client
    D. Firewall policies on FortiGate

    Correct Answer: AD
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 11

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    Which statements are true about the RADIUS service on FortiAuthenticator? (Choose two.)

    A. FortiAuthenticator only answers to RADIUS clients that are registered with FortiAuthenticator
    B. Local users can be authenticated through RADIUS
    C. Administrator users can be authenticated through RADIUS
    D. RADIUS clients must accept the RADIUS challenge response method if using two-factor authentication

    Correct Answer: CD
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 12
    You want to allow guests to authenticate to your network through Facebook. What configuration is required on FortiAuthenticator? (Choose two.)

    A. A RADIUS client, in order to enable the social portal
    B. A user group
    C. An external authentication portal
    D. A Facebook key and secret

    Correct Answer: AC
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 13
    Which Fortinet Single Sign-on (FSSO) user identity discovery method can FortiAuthenticator use if the device or user identity cannot be established transparently,
    such as with non-domain BYOD devices?

    A. External Syslog
    B. RADIUS accounting
    C. Active Directory polling
    D. Portal authentication

    Correct Answer: D

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 14
    What is one requirement for your network when deploying FortiAuthenticator?

    A. FortiAuthenticator must be positioned in an active-active geographic load-balanced high availability (HA) network
    B. FortiAuthenticator must have a management computer connected to port 1
    C. Policies must have specific ports open between FortiAuthenticator and the authentication clients
    D. Multiple FortiAuthenticator are required if more than one FortiGate exists in your network

    Correct Answer: B
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 15
    What statement is true for the self-service portal? (Choose two.)

    A. Administrator approval is required for all self-registrations
    B. Self-registration information can be sent to the user through email and SMS
    C. Realms can be used to configure what self-registered users or groups can access the network
    D. Users self-register through the social portal splash screen

    Correct Answer: AB
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 16
    Which configuration object in FortiMail would be used to attach the string "[SPAM DETECTED]" to the subject header of email messages determined by FortiMail
    to be spam? (Choose one.)

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    A. Content profile
    B. Antivirus action profile
    C. Antispam profile
    D. Antispam action profile

    Correct Answer: AC
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 17
    If the corporate email policy dictates that SMTP over SSL/TLS is preferred for inbound SMTP connections and required for outbound SMTP connections, which
    FortiMail configuration object would be used?

    A. Recipient policies
    B. IP policies
    C. Access control rules
    D. Session profiles

    Correct Answer: C
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 18
    In a server mode config-only cluster, where is the mail data stored? (Choose one.)

    A. Internal FortiMail appliance storage
    B. FortiCloud storage
    C. External NAS storage
    D. Server mode is not supported with config-only clusters

    Correct Answer: C

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 19
    Once an antispam profile has been configured, how is it put into action?

    A. By selecting it in a session profile.
    B. By selecting it in an access control receive rule.
    C. By selecting it in an IP policy and/or a recipient policy.
    D. By selecting it in the protected domain configuration.

    Correct Answer: B
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 20
    Why is it recommended to choose the FortiMail operation mode early in the setup process?

    A. If you forget to change the operation mode soon enough, the license becomes invalid.
    B. When the operation mode is changed, most settings revert to their factory defaults.
    C. If you forget to change the operation mode soon enough, it is locked to its present value.
    D. The operation mode can only be set by the Quick Start Wizard.

    Correct Answer: B
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 21
    If the FortiMail administrator wished to identify emails which were sent to a particular email address so that those emails could be processed differently, which
    configuration object would the administrator use?

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online
    A. Session profile
    B. IP-based policy
    C. Access receive rule
    D. Recipient-based policy

    Correct Answer: D
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 22
    In transparent mode, when choosing between using the built-in MTA or using the transparent proxy, what difference might be encountered regarding mail routing?

    A. The transparent proxy can only be enabled on a route mode interface.
    B. In split-horizon DNS setups, the transparent proxy will get confused and route mail back to the sender.
    C. The built-in MTA may decide to route the message to a different next-hop MTA.
    D. The transparent proxy may decide to route the message to a different next-hop MTA.

    Correct Answer: D
    Section: (none)
    Explanation

    Explanation/Reference:

    QUESTION 23
    Access delivery rules provide which two of the following functions? (Choose two.)

    A. Enforce specific TLS requirements.
    B. Trigger IBE or S/MIME encryption.
    C. Block access to specific protected domains.
    D. Route the delivery of email messages to alternate mailboxes.

    Correct Answer: CD
    Section: (none)

    www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Online

    You might also like