Fortinet Practice Exam Questions Answers Free Demo
Question 1
On a FortiMail unit, access control rules specify actions to be taken against matching email messages. Which of the following statements correctly describes the Bypass action?
A: Accept the email message but skip the MX record lookup. This mail message will be delivered using the configured relay server.
B: Do not deliver the email message.
C: Accept the email message and skip all message scanning, such as antispam and antivirus.
D: Accept the email message and delete it immediately without delivery.
Correct Answer: C
Question 2
Which of the following statements correctly describes the COMBINED action of these two access control rules?
A: Email messages from senders at external1.lab will be rejected.
B: Email messages from external1.lab to internal1.lab from host IP 172.16.78.8 are relayed.
C: Email messages from external1.lab to internal1.lab from any host IP address are relayed.
D: Email messages from external1.lab to internal1.lab are restricted by the return DNS pattern.
Correct Answer: B
Question 3
What is the best explanation for why a FortiMail unit would issue the error message indicated in the exhibit?
A: The recipient domain external1.lab is not defined.
B: This traffic comes from an authenticated sender.
C: Recipient verification is not working properly.
D: The session is matching an Access Control Rule with action "Reject".
Correct Answer: A
Question 4
Which of the following FortiMail profile types apply to IP-based policies only?
A: Session profile
B: Content profile
C: IP pool
D: Antispam profile
Correct Answer: AC
Question 5
According to the message header printed below, which antispam technique detected this email as spam?
Return-Path: user1@external.lab
(SquirrelMail authenticated user user1)
by 172.16.78.8 with HTTP;
X-FEAS-HASH: 6ef419f0a0608b1655xxxxe68080df3cb12fc38f1118d2f085985eeb000274d7
Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
Message-ID: <3029.192.168.3.101.1240062786.squirrel@172.16.78.8>
Date: Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
Subject: [SPAM] Sales
From: user1@external.lab
To: user1@training1.lab
User-Agent: SquirrelMail/1.4.10a-1.fc6
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Original-To: user1@training1.lab
Delivered-To: user1@training.lab
Received: from fm.sub.training1.lab (fm.sub.training1.lab [192.168.11.101])
by mail.training.lab (Postfix) with ESMTP id A9160187073
for <user1@training1.lab>; Sun, 19 Apr 2009 16:58:48 +0200 (CEST)
Received: from mail.external.lab ([172.16.78.8])
by fm.sub.training1.lab with ESMTP id n3LEPHWu001093
for <user1@training1.lab>; Tue, 21 Apr 2009 10:25:17 -0400
Received: from 172.16.78.8 (localhost [127.0.0.1])
by mail.external.lab (Postfix) with ESMTP id 247D9BF893
for <user1@training1.lab>; Sat, 18 Apr 2009 15:53:06 +0200 (CEST)
Received: from 192.168.3.101
A: DNSBL scan
B: Dictionary scan
C: Banned Word scan
D: FortiGuard checksum
Correct Answer: D
Question 6
Which of the following statements is true regarding Session-based antispam techniques?
A: The entire mail content is inspected.
B: They are enabled in the session profile only.
C: SMTP commands, sender domain and IP address are checked.
D: They are checked after application-based antispam techniques.
Correct Answer: C
Question 7
Which of the following statements regarding the FortiMail unit's Greylisting feature is NOT correct?
A: The FortiMail unit tracks the /32 bit host address of the sender.
B: When an email is received from a new sender IP address, envelope sender and envelope recipient addresses, the FortiMail unit will initially send a temporary failure message.
C: After the initial temporary fail message is sent, the message must be retransmitted between the Greylisting period expiry and initial expiry time periods.
D: Pass-through is allowed until the configured TTL expires.
E: An ACL with action Relay bypasses Greylisting.
Correct Answer: A
Question 8
Which of the following is an advantage of using Banned Word scanning instead of Dictionary scanning?
A: Mail Headers are inspected.
B: It is easier to configure.
C: Regular Expressions can be used.
D: Non-ASCII characters are supported.
Correct Answer: B
Question 9
Which operation is performed by the Forged IP scanning technique?
A: DNS PTR record lookup on the sender's IP address then A record lookup on the canonical hostname
B: DNS A record lookup on the sender's IP address then PTR record lookup
C: DNS MX record lookup on the sender canonical hostname
D: DNS TXT record lookup
Correct Answer: A
Question 10
When using Sender Reputation on a FortiMail unit, which of the following actions can be taken against a source IP address generating spam or invalid email messages?
A: Delay the email messages from that source IP address with a temporary fail.
B: Reject the email messages from that source IP address with a permanent fail.
C: Quarantine all the email messages from that source IP address.
D: Limit the number of email messages allowed from that source IP address.
Correct Answer: ABD