Advanced Security Technologies Beyond the Firewall Exam / NSE6 Dumps / NSE6 Exam Questions / NSE6 PDF Dumps / NSE6 VCE Dumps

PassLeader Free Fortinet NSE6 Dumps with VCE and PDF (Question 71 – Question 80)

PassLeader just published the NEWEST Fortinet NSE6 exam dumps! And, PassLeader offer two types of the NSE6 dumps — NSE6 VCE dumps and NSE6 PDF dumps, both VCE and PDF contain the NEWEST NSE6 exam questions, they will help you PASSING the Fortinet NSE6 exam easily! Now, get the NEWEST NSE6 dumps in VCE and PDF from PassLeaderhttp://www.passleader.com/nse6.html (145 Q&As Dumps)

What’s more, part of that PassLeader NSE6 dumps now are freehttps://drive.google.com/open?id=0B-ob6L_QjGLpX0pDRzN5bDJDMTQ

QUESTION 71
Review to the network topology in the exhibit.
passleader-nse6-dumps-711
The workstation, 172.16.1.1/24, connects to port2 of the FortiGate device, and the ISP router, 172.16.1.2, connects to port1. Without changing IP addressing, which configuration changes are required to properly forward users traffic to the Internet? (Choose two.)

A.    At least one firewall policy from port2 to port1 to allow outgoing traffic.
B.    A default route configured in the FortiGuard devices pointing to the ISP’s router.
C.    Static or dynamic IP addresses in both ForitGate interfaces port1 and port2.
D.    The FortiGate devices configured in transparent mode.

Answer: AD

QUESTION 72
Which of the following statement correct describes the use of the “diagnose sys ha reset-uptime” command?

A.    To force an HA failover when the HA override setting is disabled.
B.    To force an HA failover when the HA override setting is enabled.
C.    To clear the HA counters.
D.    To restart a FortiGate unit that is part of an HA cluster.

Answer: A

QUESTION 73
What are required to be the same for two FortiGate units to form an HA cluster? (Choose two.)

A.    Firmware.
B.    Model.
C.    Hostname.
D.    System time zone.

Answer: AB

QUESTION 74
Which of the following statements describes the objectives of the gratuitous ARP packets sent by an HA cluster?

A.    To synchronize the ARp tables in all the FortiGate Unis that are part of the HA cluster.
B.    To notify the network switches that a new HA master unit has been elected.
C.    To notify the master unit that the slave devices are still up and alive.
D.    To notify the master unit about the physical MAC addresses of the slave units.

Answer: B

QUESTION 75
Which of the following statements are correct regarding a master HA unit? (Choose two.)

A.    There should be only one master unit is each HA virtual cluster.
B.    The Master synchronizes cluster configuration with slaves.
C.    Only the master has a reserved management HA interface.
D.    Heartbeat interfaces are not required on a master unit.

Answer: AB

QUESTION 76
Which statement describes how traffic flows in sessions handled by a slave unit in an active-active HA cluster?

A.    Packet are sent directly to the slave unit using the slave physical MAC address.
B.    Packets are sent directly to the slave unit using the HA virtual MAC address.
C.    Packets arrived at both units simultaneously, but only the salve unit forwards the session.
D.    Packets are first sent to the master unit, which then forwards the packets to the slave unit.

Answer: D

QUESTION 77
Which of the following statements are correct concerning the FortiGate session life support protocol? (Choose two.)

A.    By default, UDP sessions are not synchronized.
B.    Up to four FortiGate devices in standalone mode are supported.
C.    only the master unit handles the traffic.
D.    Allows per-VDOM session synchronization.

Answer: AD

QUESTION 78
What is the default criteria for selecting the HA master unit in a HA cluster?

A.    port monitor, priority, uptime, serial number
B.    Port monitor, uptime, priority, serial number
C.    Priority, uptime, port monitor, serial number
D.    uptime, priority, port monitor, serial number

Answer: B

QUESTION 79
What information is synchronized between two FortiGate units that belong to the same HA cluster? (Choose three.)

A.    IP addresses assigned to DHCP enabled interface.
B.    The master devices hostname.
C.    Routing configured and state.
D.    Reserved HA management interface IP configuration.
E.    Firewall policies and objects.

Answer: ACE

QUESTION 80
Which of the following statements are correct concerning the IPsec phase 1 and phase 2, shown in the exhibit? (Choose two.)

A.    The quick mode selector in the remote site must also be 0.0.0.0/0 for the source and destination addresses.
B.    Only remote peers with the peer ID ‘fortinet’ will be able to establish a VPN.
C.    The FortiGate device will automatically add a static route to the source quick mode selector address received from each remote VPN peer.
D.    The configuration will work only to establish FortiClient-to-FortiGate tunnels. A FortiGate tunnel requires a different configuration.

Answer: CD


Learning the PassLeader NSE6 dumps with VCE and PDF for 100% passing Fortinet certificationhttp://www.passleader.com/nse6.html (145 Q&As Dumps)

BONUS!!! Download part of PassLeader NSE6 dumps for freehttps://drive.google.com/open?id=0B-ob6L_QjGLpX0pDRzN5bDJDMTQ