You are on page 1of 13

EXAMEN1:

Which data center FortiGate model has 40G ports?


FortiGate 500D
FortiGate 1500D
FortiGate 3700D
FortiGate 3810D

Which data center FortiGate model has 100G ports?


FortiGate 500D
FortiGate 1500D
FortiGate 3700D
FortiGate 3810D

Which FortiASIC is used to accelerate firewall performance?


Content Processor
CPU
Network Processor
Switching Processor

How many individual FortiGuard services are available to FortiGate


appliances?
4
5
7
8

Where are virtual machine firewall appliances typically deployed?


Campus edge
Data center
Small or branch office
Cloud

Which FortiASIC is used to accelerate NGFW performance?


Content Processor
CPU
Network Processor
Switching Processor

What integration is required for SDN Functionality?


Different Hypervisor Support
Orchestration API Support
Virtual machine Firewall
Flexible Management Software

How many elements make up the High Performance Integrated Network


Security Platform?
3
4
5
6

What type of Firewall is used for data center north-south traffic?


NGFW Appliance
High Speed Data Center Firewall
Virtual machine Firewall
UTM

What type of firewall is used for data center east-west traffic?


NGFW Appliance
High Speed Data Center Firewall
Virtual machine Firewall
UTM

What length of contract (term) options are available for licensing FortiGuard
and FortiCare services with a FortiGate purchase?
1 year only
1 and 2 year options
1, 2 and 3 year options
3 years only

Where are UTM appliances typically deployed?


Campus edge
Data center
Small or branch office
Cloud

Which FortiGate models have been tested by NSS in 2014 for NGFW
Performance? (select all that apply)
FortiGate 500D
FortiGate 1500D
FortiGate 3600C
FortiGate 3700D

Which of the following is the core element of the High Performance


Integrated Network Security Platform?
Threat Intelligence Services
Management and Analytics
Application and Wireless Security

Virtualization and Cloud


FortiGate Firewall Platform

Which is a typical Data Center Firewall throughput range?


1 - 100Mbps
1- 1Gbps
1- 20Gbps
10 100Gbps

What type of Firewall is used for data center north-south traffic?


NGFW Appliance
High Speed Data Center Firewall
Virtual machine Firewall
UTM

Which FortiGate models are typically used in the data center?


FortiGate 30-90 Series
FortiGate 100 800 Series
FortiGate 1000 3000 Series
FortiGate 7000 Series

How are FortiCare service prices calculated?


As a % of the software price
As a % of the hardware price
Independent of the hardware price
Fixed price regardless of the FortiGate model chosen

Which is a typical NGFW throughput range?


1 - 100Mbps

1- 1Gbps
1- 20Gbps
10 100Gbps

Which of the following is not a key FortiGate differentiator?


FortiGuard Threat Research & Security Updates
Industry Leading Price
Network & Security Convergence
Industry Leading Price/Performance

EXAMEN 2
FortiGate delivers 5x the performance of other NGFWs because of which technology?
Distributed Packet Selection
Content Cache Evaluation
Custom ASICs
The primary reason a customer would buy a Next Generation Firewall is:
To protect a data center from a DDoS attack.
To secure the enterprise edge from network-based threats.
To provide wireless connectivity to guest users.
What elements must you purchase to get an NGFW solution from Fortinet?
FortiGate model
FortiGuard services
Both FortiGate model and FortiGuard services
True or false, an NGFW can identify an application amid the total traffic flowing
through the firewall appliance regardless of the port it uses?
True
False
FortiGuards services receive top ratings from which independent industry test service?
Virus Bulletin
AV Comparatives
NSS Labs
All of the above
FortiGate NGFWs are available as:
Hardware appliances
Virtual appliances
Both hardware and virtual appliances
Which FortiGuard service is used by FortiGate NGFWs?
Endpoint
DDoS
IPS

All of the above


True or false, FortiGuard provides the NGFW services for FortiGate?
True
False
True or false, a top reason a customer would buy a Next Generation Firewall is to get
additional protection against advanced threats and to reduce risk of data breach:
True
False
The main customer segment for Next Gen Firewalls is:
Enterprise
Data Center
Small/Home Office

EXAMEN 3
Which of the following are feasible locations to deploy a firewall in the data center?
At the data center edge
At the data center core
Top-of-rack
All of the above

Which of the following is a correct statement about Virtual Domain functionality?


Virtual Domains are used to give hackers the appearance of firewall protection in lieu of
an actual firewall appliance
Virtual Domains allow a single FortiGate appliance to be divided up into multiple logical
firewall instances that can be managed and configured independently.
Virtual Domains are used only when protecting virtualized servers.

Which of the FortiGate product lines offer NP6 ASIC acceleration, high 10GbE port
density, AND high-speed 40/100 GbE interfaces?
All entry-level, mid-range, and high-end FortiGate product lines
High-end FortiGate product lines (1000 to 5000-series)
Only carrier-grade FortiGate 5000-series chassis and blade solution

What was a given customer scenario when high connections/second and concurrent user
sessions were important firewall performance criteria?
Massive numbers of mobile users accessing data center services at the same time during
peak periods
Online shoppers cannot check out due to poor web site design and keep logging in over
and over
Researchers transferring very large data sets from remote scientific instruments
There are never scenarios where connections/sec and concurrent user sessions matter;
firewall throughput is the only thing that matters

What did several key industry analysts cite as a primary reason Fortinet has ascended
to be a top vendor in carrier and enterprise data center firewalls?
Strong security appliance performance and price
Aggressive marketing and branding efforts
Direct sales channels that bypass the middleman

Which of the following statements is correct about security functions available in


FortiGate data center firewalls?
They deliver very high firewall throughput, but as a tradeoff do not have intrusion
prevention or antivirus functionality in the box
All FortiGates offer firewall, intrusion prevention, antivirus and other security
functionality built into a common platform
To use multiple security functions, multiple virtual domains must be configured - one
VDOM must be configured for firewall, another for intrusion prevention, etc.

Which is a correct statement about the hardware IPv6 capabilities of the latestgeneration FortiASIC NP6 network processors?
The FortiASIC NP6 cannot yet handle IPv6 packet forwarding
The FortiASIC NP6 can forward IPv6 packets, but at a slower rate than IPv4 packets
The FortiASIC NP6 can forward IPv6 packets at the same rate as IPv4 packets

TRUE or FALSE For firewall throughput above 100Gbps, customers must always
choose a chassis-based solution from vendors, because the power and thermal
requirements are just too much for compact appliance form factors.
True
False

The latest generation FortiASIC NP6 can forward 45 million IPv4 packets per second
(pps). What is its IPv6 forwarding performance in comparison?
1 million packets per second
4.5 million packets per second
45 million packets per second
100 million packets per second

What is a key reason FortiGate firewalls are much more power efficient than competing
vendor solutions?
FortiGate firewalls use custom ASICs that consume one-tenth the power of generalpurpose Intel CPUs
FortiGate firewalls offer slow network speeds in order to conserve power
FortiGate firewalls run on battery packs to draw less power from the plug

EXAMEN 4
The primary reason a customer would buy a UTM device is:
To sandbox malicious threats before they are able to attack applications.
To connect and secure small and branch office networks.
To provide wireless connectivity to guest users.
FortiGate appliances support which WAN connectivity technologies:
Cable, DSL, 3G/4G, Satellite, Dial-up
Only dial-up
Bluetooth
True or false, FortiGate appliances provide reduced complexity, simplified management
and reduced training costs?
True
False
True or false, a top target customer segment for UTM is Large Data Centers?
True
False
FortiGate appliance provide which FortiGuard Services:
Antivirus serivce only
Antivirus and anti-spam services only
Web filtering, antivirus and anti-spam services
Web filtering, antivirus and Web application security services
True or false, a UTMs main function is to enable 2-factor authentication for an
enterprise?
True
False
True or false, FortiGate appliances are used primarily to accelerate application delivery
performance?
True
False

FortiGate appliances are available as:


Hardware-only appliances
Virtual-only appliances
Both hardware and virtual appliances
True or false, a UTM device is needed most by organizations that need to protect Web
applications?
True
False
True or false, a UTM device is needed most by organizations that need to protect
against DDoS attacks?
True
False
If a customer needs a consolidated security device including firewall, VPN, IPS,
antivirus, anti-spam, and web filtering, to connect and secure small and branch office
networks, they most likely will need:
A UTM appliance
A DDoS Attack Mitigation Appliance
A Web Application Firewall
If an organization needs to connect and secure small and branch offices, they most
likely will need:
A Web Application Firewall
A UTM device
2-factor authentication
True or false, a primary reason a customer would buy a UTM device is to protect
applications from code-based vulnerabilities before they are able to attack applications?
True
False

EXAMEN 6
Advanced threats focus on
Getting access to corporate users email
Disguising themselves in order to slip past known security detection
Overwhelming and consuming available internet bandwidth
Creating situations where services are unavailable to users
Which growing cyber challenges does a malicious hacker use to his benefit in planning
an attack?
Growing attack surface
Integrated attack transit
Accelerated threat volume
All of the above
True or False, FortiGuard Security Services are designed for both physical and virtual
security solutions.
True
False
Which security service is the most resource/compute intensive?
IPS
Antivirus
Antispam
Web filtering
The three steps in Fortinets Advanced Threat Protection system are:
Detect, analyze, share
Prevent, detect, mitigate
Block, allow, remediate
Synergistic development of your security services will deliver:
a. The most effective network performance
b. Layered security with no redundancy
c. Both a. and b.
True or False , A single CPRL signature can catch many variants of a single malware,
including new ones
True

False
The main purpose of the Fortinet Advanced Threat Protection system is :
To deliver effective prevention by turning unknown threats into known threats, and
providing consistent protection globally
To organize security and networking products by threat category
To provide a set of qualifying questions on ATP attacks to our customers
Which of the below elements indicate a growing, more sophisticated cybercrime
society/ecosystem?
Education and training
Storefront , Service economy
Specialty / Diversity
All of the above
Which Fortinet solution does NOT leverage FortiGuard Labs threat intelligence?
FortiGate
FortiSandbox
FortiSwitch
FortiMail
What is FortiGuard Labs?
Fortinets in-house security research and response team
A threat research team that constantly monitors the evolving threat landscape globally
A team that develops new adaptive defense tools to help protect against multi-vector
Zero-day attacks.
All of the above
What type of attack element can the Anti-spam Service help prevent?
Creating a botnet
Getting control over an application
Serving email with a malicious link
What type of attack element can Web filtering help prevent?
Botnet creation
Manipulation of end users leading to access of malicious websites
Getting control over an application