1. Home
  2. Fortinet
  3. FCNSA.V5

Fortinet Certified Network Security Administrator (FCNSA.v5)

Exam Details

  • Exam Code
    :FCNSA.V5
  • Exam Name
    :Fortinet Certified Network Security Administrator (FCNSA.v5)
  • Certification
    :Fortinet Certification
  • Vendor
    :Fortinet
  • Total Questions
    :119 Q&As
  • Last Updated
    :May 15, 2024

Fortinet Fortinet Certification FCNSA.V5 Questions & Answers

  • Question 41:

    Which of the following statements describes the method of creating a policy to block access to an FTP site?

    A. Enable Web Filter URL blocking and add the URL of the FTP site to the URL Block list.

    B. Create a firewall policy with destination address set to the IP address of the FTP site, the Ser- vice set to FTP, and the Action set to Deny.

    C. Create a firewall policy with a protection profile containing the Block FTP option enabled.

    D. None of the above.

  • Question 42:

    UTM features can be applied to which of the following items?

    A. Firewall policies

    B. User groups

    C. Policy routes

    D. Address groups

  • Question 43:

    Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function.

    How are UTM features applied to traffic?

    A. One or more UTM features are enabled in a firewall policy.

    B. In the system configuration for that UTM feature, you can identify the policies to which the feature is to be applied.

    C. Enable the appropriate UTM objects and identify one of them as the default.

    D. For each UTM object, identify which policy will use it.

  • Question 44:

    If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these inter- faces?

    A. The traffic is blocked.

    B. The traffic is passed.

    C. The traffic is passed and logged.

    D. The traffic is blocked and logged.

  • Question 45:

    An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet.

    What must the user have for a suc- cessful authentication? (Select all that apply.)

    A. An entry in a supported LDAP Directory.

    B. A digital certificate issued by any CA server.

    C. A valid username and password.

    D. A digital certificate issued by the FortiGate unit.

    E. Membership in a firewall user group.

  • Question 46:

    The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. Which of the following are valid authentication protocols that can be used when a user authentic- ates to the RADIUS server? (Select all that apply.)

    A. MS-CHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol v2)

    B. PAP (Password Authentication Protocol)

    C. CHAP (Challenge-Handshake Authentication Protocol)

    D. MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol v1)

    E. FAP (FortiGate Authentication Protocol)

  • Question 47:

    Which of the following are valid components of the Fortinet Server Authentication Extensions (FSAE)? t all that apply.)

    A. Domain Local Security Agent.

    B. Collector Agent.

    C. Active Directory Agent.

    D. User Authentication Agent.

    E. Domain Controller Agent.

  • Question 48:

    A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode.

    Which of the owing statements are correct regarding the use of tunnel mode SSL VPN? (Se- lect all that apply.)

    A. Split tunneling can be enabled when using tunnel mode SSL VPN.

    B. Software must be downloaded to the web client to be able to use a tunnel mode SSL VPN.

    C. Users attempting to create a tunnel mode SSL VPN connection must be members of a con- figured user group on the FortiGate unit.

    D. Tunnel mode SSL VPN requires the FortiClient software to be installed on the user's com- puter.

    E. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

  • Question 49:

    An end user logs into the SSL VPN portal and selects the Tunnel Mode option by clicking on the "Connect" button. The administrator has not enabled split tunneling and so the end user must ac- cess the Internet through the SSL VPN Tunnel. Which firewall policies are needed to allow the end user to not only access the internal network but also reach the Internet?

    A. B. C. D.

  • Question 50:

    Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)

    A. Manual, user-initiated updates from the FortiGuard Distribution Network.

    B. Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine up- dates from the FortiGuard Distribution Network.

    C. Push updates from the FortiGuard Distribution Network.

    D. Update status including version numbers, expiry dates, and most recent update dates and times.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your FCNSA.V5 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.