The free updated Fortinet EMEA-Advanced-Support test engine question set contains 52 questions [Q17-Q36]


Use the best question set: Fortinet NSE EMEA-Advanced-Support specialist exam questions

Question # 17
Which of the following is a network monitoring protocol?

  • A. SSH
  • B. SNMP
  • C. RDP
  • D. Telnet

Correct answer: B

Explanation:
SNMP (Simple Network Management Protocol) is specifically designed for monitoring and managing network devices, allowing administrators to query device status, performance metrics, and configure alerts for issues. It operates by using agents on devices that report to a central manager. In contrast, RDP is for remote desktop access, Telnet for insecure remote command-line access, and SSH for secure remote access. SNMP is the standard protocol for network monitoring in Fortinet products like FortiGate, FortiSwitch, etc. Exact extract: SNMP enables administrators to monitor how devices are performing and make changes to network devices so that data moves through the network more efficiently. Simple Network Management Protocol (SNMP) enables you to monitor hardware on your network. The FortiSwitch SNMP implementation is read-only. Monitoring FortiAP with SNMP. You can enable SNMP directly on FortiAP by implementing a SNMPD daemon/subagent on the FortiAP side. The Simple Network Management Protocol (SNMP) allows you to monitor hardware on your network. You can configure the hardware, such as the FortiProxy SNMP agent.


Question # 18
Which of the following are classful addresses? (Select all that apply below)

  • A. 172.16.0.0/24
  • B. 10.225.30.0/16
  • C. 10.225.30.0/8
  • D. 172.16.0.0/16

Correct answer: C, D

Explanation:
Classful addressing follows the original IP address classes: Class A (/8), Class B (/16), and Class C (/24). Option A (10.225.30.0/8) is a Class A address, and C (172.16.0.0/16) is a Class B address. Option B (10.225.30.0/16) and D (172.16.0.0/24) use non-standard masks for their respective ranges, making them classless (CIDR). The original document incorrectly lists only A. Fortinet routing supports both classful and classless addressing. Exact extract: "Classful addressing uses fixed subnet masks: Class A (/8), Class B (/16), and Class C (/24)... Addresses like 10.0.0.0/8 and 172.16.0.0/16 are classful, while non-standard masks indicate classless addressing."


Question # 19
Which of these BGP paths will be the preferred one?

  • A. Prefer the path with the shortest AS Path
  • B. Prefer the path with the highest Local Preference value
  • C. Prefer the path with the lowest Multi-Exit Discriminator (MED)
  • D. Prefer External path (learned via EBGP) over Internal path (IBGP)

Correct answer: B

Explanation:
BGP path selection follows a specific order of attributes to determine the best path. The process prefers the path with the highest local preference first, as it is one of the earliest steps in the decision process. Local preference is used within an AS to influence outbound traffic. Only if local preferences are equal does it move to the next criteria, such as shortest AS path. The AS path length is considered after local preference, MED after that, and eBGP over iBGP even later. Therefore, among the options, the highest local preference (D) is the most preferred criterion. The original document's answer B is incorrect based on standard BGP selection rules implemented in Fortinet. Exact extract: This article describes the BGP route selection process. Scope FortiGate. Solution Consider only routes with no AS loops and a valid next hop. BGP makes routing decisions based on path, network policies and rulesets ... select the route with the lowest router ID as the best path. Network. Type. To achieve this, multiple route selection techniques can be used. Some are protocol-agnostic (for example, weight) and others are protocol-specific (for example ...).


Question # 20
What happens when a FortiGate detects a SYN flood attack?

  • A. It enables proxy-based inspection
  • B. It redirects traffic to a backup gateway
  • C. It applies rate limiting to SYN packets
  • D. It drops all incoming packets

Correct answer: C

Explanation:
When FortiGate detects a SYN flood attack, it applies rate limiting to SYN packets via a DoS policy, dropping excessive packets to mitigate the attack. It does not drop all packets (A), enable proxy inspection (B), or redirect traffic (D). Exact extract: "FortiGate mitigates SYN flood attacks using DoS policies, which apply rate limiting to SYN packets to prevent overwhelming the system."


Question # 21
Which FortiGate feature allows for dynamic routing protocol updates to be propagated through an IPsec VPN tunnel?

  • A. Route-based VPN
  • B. Dynamic Routing Gateway
  • C. Auto Discovery VPN (ADVPN)
  • D. Virtual Routing and Forwarding (VRF)

Correct answer: C

Explanation:
Auto Discovery VPN (ADVPN) in FortiGate enables dynamic routing protocols (e.g., OSPF, BGP) to propagate updates through IPsec VPN tunnels by automatically creating shortcut paths between spokes. This simplifies configuration and enhances scalability in hub-and-spoke topologies. Route-based VPN (D) supports routing but not dynamic discovery, VRF (C) is for segmentation, and Dynamic Routing Gateway (B) is not a standard Fortinet feature. Exact extract: "ADVPN allows dynamic routing protocols to be used over IPsec VPN tunnels, enabling spokes to discover and communicate directly via shortcuts, improving efficiency in hub-and-spoke setups."


Question # 22
What is the purpose of the FortiGate 'diagnose debug flow' command?

  • A. To display real-time packet captures
  • B. To troubleshoot routing table issues
  • C. To monitor system performance metrics
  • D. To show the packet flow through firewall policies

Correct answer: D

Explanation:
The 'diagnose debug flow' command in FortiGate is used to troubleshoot how packets are processed through firewall policies, showing details like policy matching, NAT, and session handling. It helps identify why packets are allowed or dropped. Option A refers to packet sniffing, B to routing diagnostics, and D to performance monitoring, none of which are the primary function. Exact extract: "The diagnose debug flow command displays the packet flow through FortiGate, including policy matching, NAT, and session details, useful for troubleshooting traffic issues."


Question # 23
Link aggregation allows network devices to ________

  • A. None of the above
  • B. Increase bandwidth by binding physical interfaces into a single channel
  • C. Increase bandwidth of an interface
  • D. Restrict the bandwidth

Correct answer: B

Explanation:
Link aggregation, also known as IEEE 802.3ad or 802.1ax, enables the binding of multiple physical interfaces to form a single logical interface, which increases the overall bandwidth and provides redundancy. This is achieved by combining the bandwidth of the individual links into one aggregated link. For example, if two 1Gbps interfaces are aggregated, the logical link can provide up to 2Gbps bandwidth. This configuration is commonly used in FortiGate devices to enhance network performance without replacing hardware. Option B correctly describes this by stating "Increase bandwidth by binding physical interfaces into a single channel," which aligns with the official description. Incorrect options include A, which is vague and does not specify the method of binding multiple interfaces; C, which is the opposite of the purpose; and D, which is invalid. Exact extract: Link aggregation (IEEE 802.3ad/802.1ax) enables you to bind two or more physical interfaces together to form an aggregated (combined) link. This new link ... Link aggregation combines multiple physical interfaces into a single logical interface, increasing bandwidth and link redundancy. Traffic is distributed evenly.


Question # 24
Which of the following Authentication protocols uses clear text?

  • A. EAP
  • B. CHAP
  • C. MSCHAP
  • D. PAP

Correct answer: D

Explanation:
PAP (Password Authentication Protocol) sends username and password in clear text over the network, making it insecure. CHAP uses challenge-response with hash, MSCHAP is Microsoft variant with hash, EAP is extensible and can use various methods but not inherently clear text. Exact extract: It's "impossible" to authenticate wireless users based on EAP-PEAP sessions against OpenLdap, except, if the users using clear text authentication methods (PAP). Clear text HTTP authentication is not secure. All user names and data (and, depending on the authentication style, passwords) are sent in clear text. If you ... Fortinet ... Password Authentication Protocol (PAP). Used to authenticate PPP connections. Transmits passwords and other user information in clear text. The default token page contains a "Token Code:" text field. Recommended customization. It's recommended to delete the "Token Code:" text. FortiWeb will use ... If you follow the configuration guide for NPS you'll see (step 9) you need to enable "Unencrypted authentication (PAP, SPAP)" (link below).


Question # 25
What does the below route indicate?

  • A. The destination network can be reached via any gates
  • B. It is a dummy route in the routing table
  • C. The device does not know the destination
  • D. The destination network is locally connected on that interface

Correct answer: D

Explanation:
A route with a directly connected interface (no gateway) indicates the destination network is locally attached to that interface on the FortiGate. This is common for networks directly connected to the device's interfaces. Option A is vague, B is incorrect as it's not a dummy route, and D suggests an unknown route, which isn't the case. Exact extract: "A directly connected route indicates that the destination network is locally attached to the interface specified in the routing table... No gateway is required for such routes as the FortiGate is directly connected to the network."


Question # 26
How many layers does the OSI Model contain?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Correct answer: D

Explanation:
The OSI (Open Systems Interconnection) model consists of seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. This framework is used in Fortinet documentation to explain protocol operations. Options A, C, and D are incorrect as they do not match the standard OSI model. Exact extract: "The OSI model defines seven layers for network communication: 1. Physical, 2. Data Link, 3. Network, 4. Transport, 5. Session, 6. Presentation, 7. Application."


Question # 27
In VMware vSphere, the term VMotion refers to

  • A. The process used to describe the movement of hard drive platters on a virtual machine
  • B. The patented technology available to migrate a server from Hyper-V to VMware
  • C. The streaming of high definition video on a virtual machine
  • D. A zero downtime live migration of workloads from one server to another

Correct answer: D

Explanation:
VMotion in VMware vSphere enables live migration of running virtual machines from one physical server to another with zero downtime, ensuring continuous operation. Fortinet's FortiGate-VM supports such environments. Options A, C, and D are incorrect as they do not describe VMotion; C refers to a different migration scenario, and D is unrelated to virtualization. Exact extract: "VMotion allows the live migration of a running virtual machine from one physical server to another with no downtime... This ensures workloads continue running during server maintenance or load balancing."


Question # 28
Which term refers to the OSPF router that connects area 0 to a nonbackbone area?

  • A. backbone router
  • B. autonomous system boundary router
  • C. area boundary router
  • D. area border router

Correct answer: D

Explanation:
The standard term in OSPF for a router connecting the backbone area (Area 0) to a non-backbone area is "area border router" (ABR). It maintains separate LSDBs for each area and performs summarization. "Area boundary router" is similar but not the standard term; ASBR connects to external AS; backbone router is in Area 0. Exact extract: Go to Network > OSPF. Set Router ID to 10.11.101.1. In the Areas table, click Create New and set the following: Area ID. 0.0. Click OK. In the Networks ... A router connected to more than one area is an area border router (ABR). An autonomous system boundary router (ASBR) is located between an OSPF autonomous ... This article describes the basic steps to configure FortiGates in an OSPF scenario where the FortiGates will be ABR and ASBR OSPF routers across 3 areas. OSPF areas are groupings of OSPF routers or logical parts of a network. An area's routing information can be sent as a summary to other areas. This article describes that routes learned from the other OSPF areas will be removed on the ABR router when it has multiple areas and has no backbone ...


Question # 29
Which FortiGate feature allows for policy-based routing?

  • A. Static Routes
  • B. Policy Routes
  • C. Dynamic Routes
  • D. SD-WAN Rules

Correct answer: B

Explanation:
Policy Routes in FortiGate allow routing decisions based on criteria like source, destination, or service, overriding the default routing table. SD-WAN Rules (A) are for WAN optimization, Static Routes (C) are fixed, and Dynamic Routes (D) are protocol-based, not policy-based. Exact extract: "Policy Routes allow FortiGate to make routing decisions based on user-defined criteria, such as source/destination IPs or services, overriding standard routing."


Question # 30
Which parts of the IKE protocol below are responsible for authenticating the User (username/password) of a dialup IPsec tunnel? (Check all correct answers)

  • A. IKEv2 SA_INIT
  • B. IKEv1 Xauth
  • C. IKEv1 phase2
  • D. IKEv1 phase1
  • E. IKEv2 EAP

Correct answer: B, E

Explanation:
For user authentication in dialup IPsec, IKEv1 uses XAuth (Extended Authentication) after Phase 1 for username/password. IKEv2 uses EAP (Extensible Authentication Protocol) for similar user auth. Phase 1 and SA_INIT are for peer auth, Phase 2 for child SA negotiation. Exact extract: XAuth increases security by requiring remote dialup client users to authenticate in a separate exchange at the end of phase 1. IPsec IKEv2 VPNs now support certificate authentication and EAP authentication at the same time from a dialup FortiClient. With the eap-cert-auth setting ... IPsec IKEv2 VPNs now support certificate authentication and EAP authentication at the same time from a dialup FortiClient. IPsec IKEv1 uses XAUTH for user authentication, and IPsec IKEv2 uses EAP for user authentication. Only EAP-TTLS is interoperable with LDAP. For LDAP based user ... In your scenario, the user cannot authenticate by providing both a PSK and their credentials (using one of multiple EAP methods).


Question # 31
Which FortiGate log type records denied traffic events?

  • A. System Log
  • B. Event Log
  • C. Traffic Log
  • D. Security Log

Correct answer: C

Explanation:
Traffic Logs in FortiGate record all traffic events, including denied packets, with details like source, destination, and policy ID. Security Logs (B) cover UTM events, Event Logs (C) system events, and System Logs (D) hardware or system status, not specifically denied traffic. Exact extract: "Traffic Logs record all packet activity, including allowed and denied traffic, with details such as source/destination IPs, ports, and the firewall policy applied."


Question # 32
Which FortiGate command displays the current routing table?

  • A. get router info routing-table all
  • B. get system route
  • C. diagnose netlink route list
  • D. show router status

Correct answer: A

Explanation:
The 'get router info routing-table all' command displays the FortiGate's current routing table, including all active routes and their details. Options B, C, and D are not valid or specific for this purpose. Exact extract: "Use 'get router info routing-table all' to display the complete routing table, showing destination, gateway, interface, and metric for all routes."


Question # 33
In FortiGate, what is the purpose of a Virtual IP (VIP)?

  • A. To map an external IP to an internal IP for NAT
  • B. To enable load balancing for VPN tunnels
  • C. To assign a secondary IP to a physical interface
  • D. To create a virtual interface for VLANs

Correct answer: A

Explanation:
A Virtual IP (VIP) in FortiGate maps an external IP address to an internal IP for Destination NAT (DNAT), commonly used for accessing internal servers from external networks. It is not for VLANs (B), secondary IPs (C), or VPN load balancing (D). Exact extract: "Virtual IPs (VIPs) are used for Destination NAT, mapping an external IP address to an internal IP to allow external access to internal resources, such as servers."


Question # 34
Firewall is performing stateful inspection for TCP traffic between Client 10.0.0.21 and Server 172.16.1.200.

  • A. The ACK was not supposed to be sent to client 10.0.0.21
  • B. Traffic is Asymmetric and not allowed by the Firewall
  • C. Traffic should be allowed
  • D. Three way handshake was not completed

Correct answer: D

Explanation:
Stateful inspection requires a complete TCP three-way handshake (SYN, SYN-ACK, ACK) to establish a session in the firewall's state table. If the handshake is incomplete (e.g., missing ACK), the session is not established, and traffic is dropped. The question implies a stateful firewall scenario where traffic is blocked, likely due to an incomplete handshake. Asymmetric traffic (B) or incorrect ACK (A) are not indicated without further context, and C is incorrect if the handshake fails. Exact extract: "Stateful inspection ensures that a TCP three-way handshake is completed before allowing traffic... If the handshake is not completed, FortiGate drops the packets as invalid."


Question # 35
What are source and destination MAC addresses of an ARP request?

  • A. The source MAC is that of the forwarding switch and destination of the targeted device
  • B. The source MAC is that of the sending device and the destination of the targeted device
  • C. The source MAC is that of the sending device and the destination MAC is a broadcast address
  • D. The source MAC is that of the sending device and the destination is a multicast address

Correct answer: C

Explanation:
An ARP (Address Resolution Protocol) request is broadcast to resolve an IP address to a MAC address. The source MAC is the sender's MAC address, and the destination MAC is the broadcast address (FF:FF:FF:FF:FF:FF) to reach all devices on the local network. Fortinet devices handle ARP for Layer 2 communication. Options B, C, and D are incorrect as switches don't originate ARP requests, the target's MAC is unknown, and ARP uses broadcast, not multicast. Exact extract: "In an ARP request, the source MAC address is that of the sending device, and the destination MAC address is the broadcast address (FF:FF:FF:FF:FF:FF), sent to all devices in the local network segment."


Question # 36
......

Try for a 100% pass rate! Updated EMEA-Advanced-Support exam questions [updated 2026]: https://www.goshiken.com/Fortinet/EMEA-Advanced-Support-mondaishu.html

Real questions and answers to help you pass the EMEA-Advanced-Support exam: https://drive.google.com/open?id=1XesluBhfciImlXe-VkiG7IRg9O_kqph9