Advanced Security Technologies Beyond the Firewall Exam / NSE6 Dumps / NSE6 Exam Questions / NSE6 PDF Dumps / NSE6 VCE Dumps

Fortinet Advanced Products Professional NSE6 Exam Questions with VCE and PDF for Free Download from PassLeader (Question 61 – Question 70)

PassLeader just published the NEWEST Fortinet NSE6 exam dumps! And, PassLeader offer two types of the NSE6 dumps — NSE6 VCE dumps and NSE6 PDF dumps, both VCE and PDF contain the NEWEST NSE6 exam questions, they will help you PASSING the Fortinet NSE6 exam easily! Now, get the NEWEST NSE6 dumps in VCE and PDF from PassLeaderhttp://www.passleader.com/nse6.html (145 Q&As Dumps)

What’s more, part of that PassLeader NSE6 dumps now are freehttps://drive.google.com/open?id=0B-ob6L_QjGLpX0pDRzN5bDJDMTQ

QUESTION 61
Which of the following statements are correct regarding FortiGate virtual domains (VDOMs)? (Choose two.)

A.    VDOMs divide a single FortiGate unit into two or more independent firewall.
B.    A management VDOM handles SNMP. logging, alert email and FortiGuard updates.
C.    Each VDOM can run different firmware versions.
D.    Administrative users with a ‘super_admin’ profile can administrate only one VDOM.

Answer: AB

QUESTION 62
Which of the following statements is correct concerning multiple vdoms configured in a FortiGate device?

A.    FortiGate devices, from the FGT/FWF 60D and above, all support VDOMS.
B.    All FortiGate devices scale to 250 VDOMS.
C.    Each VDOM requires its own FortiGuard license.
D.    FortiGate devices support more NAT/route VDOMs than Transparent Mode VDOMs.

Answer: A

QUESTION 63
A FortiGate unit has multiple VDOMs in NAT/route mode with multiple VLAN interfaces in each VDOM. Which of the following statements is correct regarding the IP addresses assigned to each VLAN interface?

A.    Different VLANs can share the same IP address as long as they have different VLAN IDs.
B.    Different VLANs can share the same IP address as long as they are in different physical interface.
C.    Different VLANs can share the same IP address as long as they are in different VDOMs.
D.    Different VLANs can never share the same IP addresses.

Answer: C

QUESTION 64
A FortiGate unit operating in NAT/route mode and configured with two sub-interface on the same physical interface. Which of the following statement is correct regarding the VLAN IDs in this scenario?

A.    The two VLAN sub-interfaces can have the same VLAN IDs only if they have IP addresses in different subnets.
B.    The two VLAN sub-interfaces must have different VLAN IDs.
C.    The two VLAN sub-interfaces can have VLAN ID only if they belong to different VDOMs.
D.    The two VLAN sub-interfaces can have the same VLAN if they are connected to different L2 IEEE 802.1Q complaint switches.

Answer: B

QUESTION 65
A FortiGate devices is configured with four VDOMs: ‘root’ and ‘vdom1’ are in NAT/route mode; ‘vdom2’ and ‘vdom2’ are in transparent mode. The management VDOM is ‘root’. Which of the following statements are true? (Choose two.)

A.    An inter-VDOM link between ‘root’ and ‘vdom1’ can be created.
B.    An inter-VDOM link between ‘vdom1′ and vdom2’ can created.
C.    An inter-VDOM link between ‘vdom2′ and vdom3’ can created.
D.    Inter-VDOM link links must be manually configured for FortiGuard traffic.

Answer: AB

QUESTION 66
Which of the following statements is true regarding a FortiGate device operating in transparent mode? (Choose three.)

A.    It acts as a layer 2 bridge.
B.    It acts as a layer 3 router.
C.    It forwards frames using the destination MAC address.
D.    It forwards packets using the destination IP address.
E.    It can perform content inspection (antivirus, web filtering, etc.).

Answer: ACE

QUESTION 67
Which of the following statements are correct concerning IPsec dialup VPN configurations for FortiGate devices? (Choose two.)

A.    Main mode mist be used when there is no more than one IPsec dialup VPN configured on the same FortiGate device.
B.    A FortiGate device with an IPsec VPN configured as dialup can initiate the tunnel connection to any remote IP address.
C.    Peer ID must be used when there is more than one aggressive-mode IPsec dialup VPN on the same FortiGate device.
D.    The FortiGate will automatically add a static route to the source quick mode selector address received from each remote peer.

Answer: CD

QUESTION 68
Which of the following combinations of two FortiGate device configurations (side A and side B), can be used to successfully establish an IPsec VPN between them? (Choose two.)

A.    Side A:main mode, remote gateway as static IP address, policy based VPN.
Side B: aggressive mode, remote Gateway as static IP address policy-based VPN.
B.    Side A:main mode, remote gateway as static IP address, policy based VPN.
Side B: main mode, remote gateway as static IP address, route-based VPN.
C.    Side A:main mode, remote gateway as static IP address, policy based VPN.
Side B: main mode, remote gateway as dialup, route-based VPN.
D.    Side A: main mode, remote gateway as dialup policy based VPN.
Side B: main mode, remote gateway as dialup, policy based VPN.

Answer: BC

QUESTION 69
Which of the following statements are correct differences between NAT/route and transparent mode? (Choose two.)

A.    In transparent mode, interfaces do not have IP addresses.
B.    Firewall polices are only used in NAT/ route mode.
C.    Static routers are only used in NAT/route mode.
D.    Only transparent mode permits inline traffic inspection at layer 2.

Answer: AC

QUESTION 70
Which of the following are operating mode supported in FortiGate devices? (Choose two.)

A.    Proxy
B.    Transparent
C.    NAT/route
D.    Offline inspection

Answer: BC


Learning the PassLeader NSE6 dumps with VCE and PDF for 100% passing Fortinet certificationhttp://www.passleader.com/nse6.html (145 Q&As Dumps)

BONUS!!! Download part of PassLeader NSE6 dumps for freehttps://drive.google.com/open?id=0B-ob6L_QjGLpX0pDRzN5bDJDMTQ