Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Fortinet 925-201b Exam -

Free 925-201b Sample Questions:

Q: 1
Which of the following default factory setting is true about Fortigate unit?
A. internal : /24 ; http , https , ping , ssh access is enabled
B. external : ; ping is enabled
C. internal : /24 ; https , ping , ssh access is enabled
D. external : ; ping & https is enabled
Answer: A , B

Q: 2
Which of the following firmware upgrade method will cause configuration reset?
A. WebUI
C. Fortimanager
D. interrupt booting procedure by CLI
Answer: D

Q: 3
Which of the following statement about TCP MTU for Fortigate is true?
A. default MTU is 1500 bytes
B. For manual and DHCP addressing mode the MTU size can be from 576 to 1500 bytes
C. for PPPOE addressing mode the MTU size can be from 576 to 1492 bytes
D. default MTU is 1492 bytes
Answer: A , B, C

Q: 4
What is the valid method to fixup Fortigate interface speed&duplex?
A. via web GUI
B. via CLI
C. via auto update
D. via foritlog
Answer: B

Q: 5
Which one of the following command could show HA information of fortigate?
A. get system status
B. diag sys ha status
C. exec ha mamane 1
D. diag deb ena
Answer: A , B, C

Q: 6
What is the max hop of RIP?
A. 13
B. 14
C. 15
D. 16
Answer: C

Q: 7
What are the necessary procedure before using Xauth?
A. create user group
B. create firewall policy
C. enable IPSEC VPN
D. enable PPTP
Answer: A , B, C

Q: 8
Which one is the most efficient way to block MSN traffic by Fortigate unit?
A. Use IPS module by applying protection profile
B. Use Antivirus engine
C. Use firewall policy
D. Use content filtering
Answer: A

Q: 9
What is the valid web script filtering option for web filtering?
A. Java Applet
B. Worm
C. ActiveX
D. Cookie
Answer: A, C, D

Q: 10
What is the best way to implement Fortigate HA?
A. connect corresponding interface to individual switch
B. connect all interface to the same hub or switch
C. connect corresponding interface directly using cross-over cable
D. connect corresponding interface directly using straight-through cable
Answer: A

Q: 11
What is the valid address object in Fortigate unit?
A. /
B. /
C. /
D. /
Answer: B

Q: 12
What is the valid network in Fortigate
A. /
B. /
C. /
D. /
Answer: B, D

Q: 13
What is the valid ipsec phase 1 option
A. des
B. 3des
C. md5
D. sha1
Answer: A , B

Q: 14
what is the valid ipsec pahse 2 option
A. des
B. 3des
C. md5
D. sha1
Answer: C, D

Q: 15
What is valid router object of Fortigate unit?
A. prefix list
B. route map
C. key chain list
D. access list
Answer: A , B, C

Q: 16
What service can protection profile protect?
A. ftp
D. http
Answer: A , B, C , D , E

Q: 17
What is the default protection profile?
A. strict
B. scan
C. web
D. unfiltered
Answer: A , B, C , D

Q: 18
What are the valid option in web filtering?
A. content block
B. url block
C. exempt list
D. script filtering
Answer: A , B, C , D

Q: 19
What is the valid IPS option?
A. IPS signature
B. IPS anomaly
C. IPS engine
D. IPS list
Answer: A , D

Q: 20
Which logging can enable when enable protection profile content log?
Answer: A , B, C , D

Q: 21
What is the valid option of Fortigate HA schedule
A. none , hub , least-connection , round-robin
B. weighted round-robin , random , ip , ip port
C. switch , ip , ip port
D. priority , hub , least-connection
Answer: A , B

Q: 22
Which command can show HA status?
A. get system status
B. diag sys ha status
C. exec ha maga 1
D. get sys lic
E. config ha
Answer: A , B , C

Q: 23
What is the correct match order to choose a cluster master?
1. monitor port priority.
2. Age.
3.Unit Priority.
4.Serial number
A. 1 , 2 , 3 , 4
B. 1 , 3 , 2 , 4
C. 2 , 1 , 3 , 4
D. 2 , 4 , 1 , 3
E. 4 , 1 , 3 , 2
Answer: A

Q: 24
IPSEC VPN support which of the following DH group?
A. 1
B. 2
C. 3
D. 4
E. 5
Answer: A , B, E

Q: 25
what is the mechanism for processing DH group
A. to generate session key
B. to generate pre-share key
C. to generate public key
D. to generate private key
Answer: A

Q: 26
Fortigatesupport which of the following client mode?
A. ipsec
B. latp
C. pptp
D. l2f
Answer: A , B, C

Q: 27
Fortigateuse port 9443 to do what function?
A. to communicate with proxy server
B. to run push update
C. to communicate with syslog server
D. to communicate with Fortilog server
Answer: B

Q: 28
What's the difference between RIP V1 & V2?
A. carry more information
B. support simple authentication
C. support subnet mask
D. support encryption
Answer: A , B, C

Q: 29
What is the max metric can be configured in route sidtribution?
A. 13
B. 14
C. 15
D. 16
Answer: D

Q: 30
What port is used between Fortigate to transmit log message to Foritlog?
A. tcp 514
B. udp 514
C. tcp 69
D. udp 69
Answer: B

© 2014, All Rights Reserved