ExamGecko
Search Search Login
Home Home / Fortinet / NSE6_WCS-6.4

Fortinet NSE6_WCS-6.4 Practice Test - Questions Answers, Page 2

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. An administrator configured a FortiGate device to connect to me AWS API to retrieve resource values from the AWS console to create dynamic objects tor the FortiGate policies. The administrator is unable to retrieve AWS dynamic objects on FortiGate. Which three reasons can explain btw? (Choose three.)
You are network connectivity issues between two VMS deployed in AWS. One VM is a FortiGate located on subnet •LAN- that is part Of the VPC "Encryption". The Other VM is a Windows server located on the subnet "servers" Which is also in the "Encryption" VPC. You are unable to ping the Windows server from FortiGate. What is the reason for this?
Refer to the exhibit. You deployed an active-passive FortiGate HA using a Cloud Formation template on an existing VPC_ Now you want to test active-passive FortiGate HA failover by running a debug so you can see the API calls to change the elastic and secondary IP addresses. Which statement is correct about the output of the debug?
You connected to the AWS Management Console at 10:00 AM and verified that there are two FortiGate VMS running, You receive a call from a user reporting about a temporary slow Internet connection that lasted only a few minutes. When you go back to the AWS portal. you notice there are now two additional FortiGate VMS that you did not create. Later that day, the number of VMS returns to two without your intervention. A similar situation occurs several times during the week. What is the most likely reason for this to happen?
An MSSP deployed 16 FortiGate VMS With the default AWS security groups and network access lists using an on-demand license from Amazon Web Services (AWS) Marketplace. They are using a thirdparty configuration backup application to back up and track changes for the FortiGate configurations. It can connect to the FortiGate devices using only the SSH protocol, A customer is using the correct username and password configured on the FortiGate devices. but they are unable to log in using the SSH protocol. What can be the reason Why this authentication is failing?
Your company deployed a FortiSandb0X for AWS. Which statement is correct about FortiSandbox for AWS?
Refer to the exhibit. You have created an autoscale configuration using a FortiGate HA Cloud Formation template. You want to examine the autoscale FortiOS configuration to confirm that FortiGate autoscale is configured to synchronize primary and secondary devices. On one of the FortiGate devices, you execute the command shown in the exhibit Which statement is correct about the output of the command?
You want to deploy the Fortinet HA cloud formation template to stage and bootstrap the FortiGate configuration in the same that you created your VPC, Which is Ohio US-East-2. Based on this information, Which statement is correct?
Which product you Can use as AWS WAF web access control lists (web ACLS) to minimize the effects Of a DDOS attack?
An administrator has deployed an environment in AWS and is now trying to send outbound traffic from the web servers to the internet through FortiGate. The FortiGate policies are configured to allow all outbound traffic. however. the traffic is not reaching the FortiGate internal interface. Which two statements Can be the reasons for this behavior? (Choose two )

Question 11

Report
Export
Collapse

A customer needs a recursive DNS for AWS VPC and on-premises networks, The customer also wants to create conditional forwarding rules and DNS endpoints to resolve custom names in AWS private hosted zones and on-premises

DNS servers.

Which Amazon service can be used to achieve this scenario?

A.
AWS mapping service
A.
AWS mapping service
Answers
B.
Amazon route 53
B.
Amazon route 53
Answers
C.
AWS DynamoOB service
C.
AWS DynamoOB service
Answers
D.
AWS Lambda service
D.
AWS Lambda service
Answers
Suggested answer: B

Question 12

Report
Export
Collapse

Which product you Can use as AWS WAF web access control lists (web ACLS) to minimize the effects Of a DDOS attack?

A.
AWS Protector
A.
AWS Protector
Answers
B.
AWS GuardDuty
B.
AWS GuardDuty
Answers
C.
AWS Inspector
C.
AWS Inspector
Answers
D.
AWS Shield
D.
AWS Shield
Answers
Suggested answer: D

Question 13

Report
Export
Collapse

As part of the security plan you have been tasked with deploying a FortiGate in AWS.

Which two are the security responsibility of the customer in a cloud environment? (Choose two.)

A.
Virtualization platform
A.
Virtualization platform
Answers
B.
Traffic encryption
B.
Traffic encryption
Answers
C.
User management
C.
User management
Answers
D.
Storage infrastructure
D.
Storage infrastructure
Answers
Suggested answer: B, C

Question 14

Report
Export
Collapse

Refer to the exhibit.

An administrator configured a FortiGate device to connect to me AWS API to retrieve resource values from the AWS console to create dynamic objects tor the FortiGate policies. The administrator is unable to retrieve AWS dynamic objects on FortiGate.

Which three reasons can explain btw? (Choose three.)

A.
AWS was not able to validate credentials provided by the AWS Lab SON connector.
A.
AWS was not able to validate credentials provided by the AWS Lab SON connector.
Answers
B.
The AWS Lab SON connector failed to connect on port 401.
B.
The AWS Lab SON connector failed to connect on port 401.
Answers
C.
The AWS Lab SON connector failed to retrieve the instance list.
C.
The AWS Lab SON connector failed to retrieve the instance list.
Answers
D.
The AWS API call is not supported on XML version I . O.
D.
The AWS API call is not supported on XML version I . O.
Answers
E.
The AWS Lab SON connector is configured with an invalid AWS access or secret key
E.
The AWS Lab SON connector is configured with an invalid AWS access or secret key
Answers
Suggested answer: A, C, E

Question 15

Report
Export
Collapse

Which statement is true about an Elastic Network Interface (ENI)?

A.
Once ENI detaches from one instance. it cannot reattach to another instance.
A.
Once ENI detaches from one instance. it cannot reattach to another instance.
Answers
B.
You can detach primary ENI from an AWS instance.
B.
You can detach primary ENI from an AWS instance.
Answers
C.
An ENI cannot move between AZs.
C.
An ENI cannot move between AZs.
Answers
D.
When you move an ENI, network traffic is not redirected to the new instance.
D.
When you move an ENI, network traffic is not redirected to the new instance.
Answers
Suggested answer: C

Question 16

Report
Export
Collapse

Which two statements are correct about AWS Network Access Control Lists (NACLS)? (Choose two.)

A.
NACLs are stateless: responses to allowed inbound traffic are subject to the rules for outbound traffic.
A.
NACLs are stateless: responses to allowed inbound traffic are subject to the rules for outbound traffic.
Answers
B.
An NACL has separate inbound and outbound rules, and each rule can either allow or deny traffic.
B.
An NACL has separate inbound and outbound rules, and each rule can either allow or deny traffic.
Answers
C.
By default. each custom NACL allows all inbound and outbound traffic unless you add new rules,
C.
By default. each custom NACL allows all inbound and outbound traffic unless you add new rules,
Answers
D.
VPC automatically comes with a modifiable default NACL, and by default it denies all inbound and outbound IPv4 traffic.
D.
VPC automatically comes with a modifiable default NACL, and by default it denies all inbound and outbound IPv4 traffic.
Answers
Suggested answer: A, B

Question 17

Report
Export
Collapse

Which features are only available on FortiWeb when compared to Fortinet Managed Rules for AWS WAF?

A.
FortiWeb meets PCI 6.6 compliance.
A.
FortiWeb meets PCI 6.6 compliance.
Answers
B.
FortiWeb can scan web application vulnerabilities.
B.
FortiWeb can scan web application vulnerabilities.
Answers
C.
FortiWeb provides a WAF subscription (FortiGuard) option.
C.
FortiWeb provides a WAF subscription (FortiGuard) option.
Answers
D.
FortiWeb provides web application attack signatures.
D.
FortiWeb provides web application attack signatures.
Answers
Suggested answer: B

Question 18

Report
Export
Collapse

Which three Fortinet products are available in Amazon Web Services in both on-demand and bring your own license (BYOL) formats? (Choose three.)

A.
FortiGate
A.
FortiGate
Answers
B.
FortiWeb
B.
FortiWeb
Answers
C.
FortiADC
C.
FortiADC
Answers
D.
FortiSlEM
D.
FortiSlEM
Answers
E.
FortiSOAR
E.
FortiSOAR
Answers
Suggested answer: A, B, C

Question 19

Report
Export
Collapse

Refer to the exhibit.

An administrator wants to update the database package from the Internet to a database server configured with IP address Which statement is correct about traffic from server IP address 10.0.1.7 to the internet. based on the diagrarm?

A.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100 2.
A.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100 2.
Answers
B.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100.3
B.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100.3
Answers
C.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100.4
C.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100.4
Answers
D.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100.1
D.
Traffic from server 10.0.1.7 to the internet will hide behind elastic IP 198.51.100.1
Answers
Suggested answer: C

Question 20

Report
Export
Collapse

An MSSP deployed 16 FortiGate VMS With the default AWS security groups and network access lists using an on-demand license from Amazon Web Services (AWS) Marketplace. They are using a thirdparty configuration backup application to back up and track changes for the FortiGate configurations.

It can connect to the FortiGate devices using only the SSH protocol, A customer is using the correct username and password configured on the FortiGate devices. but they are unable to log in using the SSH protocol.

What can be the reason Why this authentication is failing?

A.
The default AWS network access list for FortiGate does not allow SSH.
A.
The default AWS network access list for FortiGate does not allow SSH.
Answers
B.
The AWS key is required to log in to FortiGate using SSH
B.
The AWS key is required to log in to FortiGate using SSH
Answers
C.
AWS uses non-standard SSH port 1025, and the default AWS security groups and NACL for FortiGate are not configured for the port.
C.
AWS uses non-standard SSH port 1025, and the default AWS security groups and NACL for FortiGate are not configured for the port.
Answers
D.
The default AWS Security group for FortiGate does not allow SSH.
D.
The default AWS Security group for FortiGate does not allow SSH.
Answers
Suggested answer: B
Total 30 questions
Go to page: of 3
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms