Download Fortinet.FortiDDoS.VCEplus.2019-05-03.15q.vcex

File Info

Exam FortiDDoS 4.0 Specialist
Number FortiDDoS
File Name Fortinet.FortiDDoS.VCEplus.2019-05-03.15q.vcex
Size 603 KB
Posted May 03, 2019

Demo Questions

Question 1

Which is true regarding packets that match a do-not-track policy with the action Track and Allow?


  A. Packets are never dropped.
  B. Source IP addresses are added to the legitimate IP (LIP) table.
  C. Packets are not included in the statistics for threshold estimation.
  D. Packets are assigned to SPP 0.
Correct answer: A
Explanation:
Reference: http://help.fortinet.com/fddos/4-3-0/FortiDDoS/Configuring_a_Do_Not_Track_policy.htm



Question 2

Regarding the switching SPP feature, what is used to determine when FortiDDoS switches the traffic to an alternate SPP?


  A. Traffic volume
  B. Destination IP addresses
  C. Mitigated attacks
  D. Blocked packets
Correct answer: A
Explanation:
Reference: http://help.fortinet.com/fddos/4-3-0/FortiDDoS/Configuring_SPP_policy_settings.htm



Question 3

A FortiDDoS device is connected between a protected server and an Internet router. For the aggressive aging feature, the administrator must manually add the router internal interface MAC address to the FortiDDoS configuration. Why does the FortiDDoS need this information?


  A. To send RST packets to the protected server spoofing the router internal interface MAC address.
  B. To allow incoming traffic only from that specific MAC address.
  C. To determine which traffic direction is incoming and which traffic direction is outgoing.
  D. To allow outgoing traffic only to that specific MAC address.
Correct answer: A
Explanation:
Reference: https://s3.amazonaws.com/fortinetweb/docs.fortinet.com/v2/attachments/44f876f1-2436-11e9-b20a-f8bc1258b856/fortiddos-5-0-0-handbook.pdf page 80



Question 4

As the exhibit shows, a FortiDDoS port2 is connected to the protected server. Its port1 is connected to the Internet. The FortiDDoS has 8 interfaces for user traffic. The exhibit also shows a screenshot of the unit dashboard. 
The administrator noticed that the statistics are showing all the traffic coming from the Internet to the protected server as outbound, instead of inbound. Based on the exhibit, what is the cause of this mislabeling?


  A. The protected server is connected to a wrong FortiDDoS interface. It must be connected to an interface from port 5 to port 8.
  B. SPP 0 is operating in detection mode.
  C. The SPP 0 link is down.
  D. FortiDDoS interfaces are wrongly connected. The interface port1 must be connected to the protected server and port2 must be connected to the Internet.
Correct answer: D



Question 5

A FortiDDoS administrator wants the configured minimum threshold to act as a hard, fixed threshold. So, FortiDDoS will start dropping packets and mitigating the traffic as soon as the traffic volume goes above the configured minimum threshold, regardless of the values of the other thresholds. What configuration change can be done to achieve this requirement?


  A. Setting the SPP to detection mode.
  B. Changing the adaptive mode to fixed.
  C. Setting the adaptive limit percentage to 100%.
  D. Disabling the adaptive limit threshold.
Correct answer: C
Explanation:
Reference: https://s3.amazonaws.com/fortinetweb/docs.fortinet.com/v2/attachments/44f876f1-2436-11e9-b20a-f8bc1258b856/fortiddos-5-0-0-handbook.pdf page 63



Question 6

The exhibit shows the configuration for the blocking periods.
FortiDDoS has detected an incoming fragmented flood attack in SPP 0.
According to the exhibit, which action does the unit take with the SPP-0 traffic as soon as the attack is detected?


  A. Incoming fragmented packets from all sources are blocked for at least 60 seconds.
  B. Incoming fragmented packets from all identified malicious sources are blocked for at least 120 seconds.
  C. Incoming fragmented packets from all sources are blocked for at least 15 seconds.
  D. All incoming packets from all sources are blocked for at least 15 seconds.
Correct answer: C
Explanation:
Reference: https://s3.amazonaws.com/fortinetweb/docs.fortinet.com/v2/attachments/44f876f1-2436-11e9-b20a-f8bc1258b856/fortiddos-5-0-0-handbook.pdf page 264



Question 7

A FortiDDoS device must be deployed as soon as possible in a customer network that is currently under a DDoS attack. Which values are recommended to use for the configured minimum thresholds?


  A. The factory default values.
  B. The factory default values increased by a percentage that depends on the customer traffic volume.
  C. The easy setup values.
  D. The system recommended values after a one-hour learning period.
Correct answer: D
Explanation:
Reference: https://s3.amazonaws.com/fortinetweb/docs.fortinet.com/v2/attachments/44f876f1-2436-11e9-b20a-f8bc1258b856/fortiddos-5-0-0-handbook.pdf page 126



Question 8

Which of the following DoS attacks are categorized as bulk volumetric attacks? (Choose two.)


  A. Slowloris
  B. HTTP slow read
  C. SYN flood
  D. ICMP flood
Correct answer: CD



Question 9

What is the maximum number of service protection profiles (SPPs) supported in a FortiDDoS device?


  A. 4
  B. 8
  C. 16
Correct answer: C
Explanation:
Reference: https://s3.amazonaws.com/fortinetweb/docs.fortinet.com/v2/attachments/44f876f1-2436-11e9-b20a-f8bc1258b856/fortiddos-5-0-0-handbook.pdf page 17



Question 10

A FortiDDoS device is configured to mitigate SYN flood attacks using the SYN cookie mode. What action does it take when it is mitigating a SYN flood attack and a SYN packet from a new source IP address arrives?


  A. It replies with a SYN/ACK packet containing a cookie value in the TCP sequence field.
  B. It replies with two SYN/ACK packets: one containing the right acknowledge value, the other one with a wrong acknowledge value.
  C. It replies with a RST packet if the SYN packet does not contain the right cookie in the sequence field.
  D. It replies with a SYN/ACK packet containing a cookie value in the TCP acknowledge field.
Correct answer: A
Explanation:
Reference: https://s3.amazonaws.com/fortinetweb/docs.fortinet.com/v2/attachments/44f876f1-2436-11e9-b20a-f8bc1258b856/fortiddos-5-0-0-handbook.pdf page 78
