Fortigate NSE 4 6.2 Security
What direction does the LAN run to the internet and what direction from the
physical cabling to the private virtual network - answer-Vertically
Horizontal
What does UTM stand for? - answer-Unified threat management
Describe the architectural structure of fortigate - answer-Fortigate is a
modular design. The hardware is advanced. Special ASIC designed by fortinet
and specialized CP and NP CPU chips make fortigate a carrier grade device. It
enables you to simplify your network and cut down on the number of needed
devices. Sitting on the advanced circuitry is FortiOS. Fortigate can operate
as a NGFW with antivirus, web filtering, and IPS. It's flexible allowing for a
simple operation and can also be a sophisticated NGFW with advanced
capabilities such as UTM. It is vendor neutral and also offers subscription
services to further advance capabilities and support.
What is dangerous about SSL - answer-A virus can pass through SSL unless
full (deep) SSL inspection is enabled
SNI - answer-Server name identification sent during the beginning of SSL
handshake that fortigate used to identify the server. Used in SSL certificate
inspection
What is SSL certificate inspection - answer-Fortigate uses the SNI to
distinguish the hostname of the SSL server which is validated against the
DNS. The only security feature that can be applied with this mode is web
filtering. It does not inspect encrypted data
Benefits of fortigate VM - answer-Faster deployment and tear down also may
be cheaper if you use cheaper/larger hardware to run the VM on
Disadvantage of fortigate VM - answer-You will be using a generic CPU
instead of the special FortiASIC that is only made by fortinet. Therefore
performance will be downgraded
SPU and what are the 3 types - answer-Security processing unit
Specialized acceleration hardware that can offload resource intensive
processing from the main CPU
CP- content processor
SP- security processor
NP- network processor
CP (CP8 and CP9) - answer-High speed content inspection
Content processor that accelerates Antivirus
Attack detection
Encryption and decryption (SSL)
Not bound to an interface
SP (SP3) - answer-Security processors accelerate IPS for better system
performance
Bound to an interface
NP - answer-Packet processing
NP6 (nturbo)
Attached to a network interface
Network processors that offload processing of high volume network traffic
from the CPU
What is Nturbo - answer-Offloads flow based security profile (packet by
packet sessions) to the NP4 or NP6 processors (if it's disabled then the CPU
handles it)
Where can you see how much data is being offloaded to the special
processors - answer-Session dashboard widget in GUI shows percentage
SOC3 - answer-System on a chip. Contains the CPU, CPs, NPs and SPs
What is a more accurate description of a modern firewall
A: A device that inspects network traffic at an entry point to the internet and
within a simple easily defined network perimeter
B: a multifunctional device that inspects network traffic from the perimeter
or internally within a network that has many entry points - answer-
What fortigate solution enhances performance and reduces latency for
specific features and traffic - answer-Acceleration hardware called SPU
What are the two modes a fortigate can operate in - answer-Nat and
transparent
Explain NAT mode - answer-Fortigate is an OSI layer 3 router
Interfaces have IPs
Packets are routed by IP
Explain transparent mode - answer-Fortigate is an OSI layer 2 switch
Interfaces do not have IP
Forwards frames based on MAC and cannot route packets
What is the default fortigate mode - answer-NAT
What port do you plug your computer into to begin configuration (two answers) - answer-Port one
or the internal switch ports on entry level
Or the management interface on mid-High end models
What is enabled on the mid-high range FortiGate's mgmt interface - answer-
DHCP server
What is default management IP on fortigate - answer-192.168.1.99
What is the console port for on fortigate - answer-Used for CLI access without
internet (GUI access). Can be used with a terminal emulator
What port is the built in DHCP server enabled on - answer-Port 1
Default user and pass - answer-Admin
Blank
What are fortiguard subscription services - answer-They provide fortigate
with up to date threat intelligence from the fortiguard distribution network
(FDN)
What port does package update from Fortiguard come in on - answer-TCP
443 (SSL)
When does fortigate query the FDN and what protocol - answer-Every time it
scans for spam or filtered websites. It queries instead of downloading the
database because the size of the DB changes frequently
UDP or HTTPS
When are antivirus and IPS packages downloaded and what transport
protocol is used to download them - answer-Once a day using TCP
How does fortigate check content for spam or malicious websites - answer-
Live queries to fortiguard over UDP
Do you need internet for the FDN subscription services - answer-Yes
Administration methods for fortigate - answer-CLI and GUI
How do you access the CLI - answer-The JavaScript widget in the GUI called
CLI console or through a terminal emulator connected through console port
What can you do if you want to list CLI commands - answer-<command
set> ?
CLI command to get fortigate status - answer-get system status
CLI command to list attributes for an interface - answer-show
full-configuration system interface <port>
CLI command to show non default attributes for a port - answer-show system
interface <port>
What are two of the first things you need to do when logging in to fortigate for the first
time - answer-Change default password and create administrator accounts
What is REST API Admin for - answer-Adds an administrative user who will
use a custom application to access the fortigate with a REST API
Aside from password what else can admins use to authenticate - answer-A
digital certificate
Or
Fortigate can query an authentication server
What are the two default admin profiles (explain each) - answer-Super_admin
- full access cannot be changed and applies to the global fortigate settings
Prof_admin - full access applies only to its VDOM and can be changed
What feature prevents an admin from staying logged in indefinitely - answer-
Idle timeout feature (it can be overridden under admin profiles)
Which admin profile has global fortigate access - answer-Super_admin