考试篇(5.2) NSE4 题库 07. 反病毒 ❀ 飞塔 (Fortinet) 网络安全专家

　　【简介】Fortinet 飞塔网络安全专家 (4) 考试共 120 分钟，共 60 道英文选择题，答对 70% 计 42 道题为合格。


Which statements regarding banned words are correct? (Choose two) 〖哪些关于禁用单词的描述是正确的? (选择两个)〗

　　A. Content is automatically blocked if a single instance of a banned word appears. 〖如果在单个实例上出现禁用词，内容将自动屏蔽〗

　　B. The FortiGate updates banned words on a periodic basis. 〖FortiGate防火墙定期更新禁用词〗

　　C. The FortiGate can scan web pages and email messages for instances of banned words. 〖FortiGate防火墙可以通过禁用词的实例扫描网页和电子邮件〗

　　D. Banned words can be expressed as simple text, wildcards and regular expressions.〖禁用词可以表示为简单的文本、通配符和正则表达式〗

　　

【分析】



　　可以通过禁用词扫描网页，支持通配置符和正则表达式。



　　可以通过禁用词扫描邮件。

　　

【答案】ＣＤ


Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols? 〖扫描SMTP、FTP、POP3和SMB协议必须使用哪些杀毒检查模式?〗

　　A. Proxy-based. 〖基于代理〗

　　B. DNS-based. 〖基于DNS〗

　　C. Flow-based. 〖基于流〗

　　D. Man-in-the-middle. 〖中间人〗

　　

【分析】



　　SMB协议只支持基于流的病毒扫描。

　　

【答案】Ｃ


Examine the exhibit; then answer the question below. 〖查看图例，然后回答下面的问题〗



　　Which statement describes the green status indicators that appear nextto the different FortiGuard Distribution Network services as illustrated in theexhibit? 〖哪些声明描述了上面图例显示的不同的FortiGuard分销网络服务旁边的绿色状态指标？〗

　　A. They indicate that the FortiGate has the latest updates available from the FortiGuard Distribution Network.〖它们表明FortiGate防火墙可以从FortiGuard分销网络获得最新升级〗

　　B. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit. 〖它们表明可以从FortiGuard分销网络下载可用的更新到FortiGate设备〗

　　C. They indicate that the FortiGate is in the process of downloading updates from the FortiGuard Distribution Network.〖它们表明FortiGate防火墙在处理从FortiGuard分销网络的下载更新〗

　　D. They indicate that the FortiGate is able to connect to the FortiGuard Distribution Network.〖它们表明FortiGate防火墙能够连接到FortiGuard分销网络〗

　　

【分析】



　　绿色图标表示可以连接到FortiGuard分销网络，有一个注册支持合同。

　　

【答案】Ｄ


Which antivirus and attack definition update options are supported by FortiGate units? (Choose two) 〖FortiGate设备支持哪些防病毒和攻击定义更新选项? (选择两个)〗

　　A. Manual update by downloading the signatures from the support site.〖手动更新下载网站的签名支持〗

　　B. Pull updates from the FortiGate. 〖从FortiGate下拉更新〗

　　C. Push updates from a FortiAnalyzer.〖从FortiAnalyzer下拉更新〗

　　D. execute fortiguard-AV-AS command from the CLI.〖在命令行下执行fortiguard-AV-AS命令〗

　　

【分析】



　　可以自动更新病毒和IPS库。



　　可以手动上传更新病毒和IPS库。

　　

【答案】ＡＢ


A FortiGate is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received.〖FortiGate防火墙配置为接收从FortiGuard分销网络推送的更新，然而更新没有收到〗

　　Which are two reasons for this problem? (Choose two) 〖产生这个问题是哪两个原因? (选择两个)〗

　　A. The FortiGate is connected to multiple ISPs.〖FortiGate防火墙连接了多个互联网宽〗

　　B. There is a NAT device between the FortiGate and the FortiGuard Distribution Network. 〖在FortiGate与FortiGuard分销网络之间有一个NAT设备〗

　　C. The FortiGate is in Transparent mode.〖FortiGate防火墙处于透明模式〗

　　D. The external facing interface of the FortiGate is configured to get the IP address from a DHCP server.〖FortiGate防火墙面临外部的接口是从一个DHCP服务获取的IP地址〗

　　

【分析】



　　如果FortiGate设备在其它NAT设备后（或其它的FortiGate设备），为了能确保接受推送更新通知，你需要对通知使用代理IP地址，要做到这些，你需要建立一个虚拟IP映射到NAT设备的外网端口。

　　FortiGate防火墙面临外部的接口是从一个DHCP服务获取的IP地址，那就表明有NAT。

　　

【答案】ＢＤ


Which statement is correct regarding virus scanning on a FortiGate unit? 〖在FortiGate防火墙上关于病毒扫描的哪些声明是正确的?〗

　　A. Virus scanning is enabled by default. 〖病毒扫描默认情况下是启用的〗

　　B. Fortinet customer support enables virus scanning remotely for you. 〖Fortinet客服支持给你远程扫描病毒〗

　　C. Virus scanning must be enabled in a security profile, which must be applied to a firewall policy. 〖病毒扫描必须启用安全性配置文件，必须应用于防火墙策略〗

　　D. Enabling virus scanning in a security profile enables virus protection for all traffic flowing through the FortiGate.〖对安全配置文件授权使通对流经FortiGate防火墙所有流量病毒保护〗

　　

【分析】





　　启用反病毒需要在策略里打开反病毒功能，并选择相应的安全配置文件。

　　

【答案】Ｃ



飞塔技术-老梅子 QQ：57389522