Download FortiDDoS 4-0 Specialist.VCEplus.FortiDDoS.2019-05-03.1e.15q.vcex

File Info

Exam FortiDDoS 4.0 Specialist
Number FortiDDoS
File Name FortiDDoS 4-0 Specialist.VCEplus.FortiDDoS.2019-05-03.1e.15q.vcex
Size 603 Kb
Posted May 03, 2019
Downloads 31

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


Demo Questions

Question 1
Which is true regarding packets that match a do-not-track policy with the action Track and Allow?

  • A: Packets are never dropped.
  • B: Source IP addresses are added to the legitimate IP (LIP) table.
  • C: Packets are not included in the statistics for threshold estimation.
  • D: Packets are assigned to SPP 0.

Question 2
Regarding the switching SPP feature, what is used to determine when FortiDDoS switches the traffic to an alternate SPP?

  • A: Traffic volume
  • B: Destination IP addresses
  • C: Mitigated attacks
  • D: Blocked packets

Question 3
A FortiDDoS device is connected between a protected server and an Internet router. For the aggressive aging feature, the administrator must manually add the router internal interface MAC address to the FortiDDoS configuration. Why does the FortiDDoS need this information?

  • A: To send RST packets to the protected server spoofing the router internal interface MAC address.
  • B: To allow incoming traffic only from that specific MAC address.
  • C: To determine which traffic direction is incoming and which traffic direction is outgoing.
  • D: To allow outgoing traffic only to that specific MAC address.

Question 4
As the exhibit shows, FortiDDoS port2 is connected to the protected server. Its port1 is connected to the Internet. The FortiDDoS has 8 interfaces for user traffic. The exhibit also shows a screenshot of the unit dashboard.

The administrator noticed that the statistics are showing all the traffic coming from the Internet to the protected server as outbound, instead of inbound. Based on the exhibit, what is the cause of this mislabeling?

  • A: The protected server is connected to a wrong FortiDDoS interface. It must be connected to an interface from port 5 to port 8.
  • B: SPP 0 is operating in detection mode.
  • C: The SPP 0 link is down.
  • D: FortiDDoS interfaces are wrongly connected. The interface port1 must be connected to the protected server and port2 must be connected to the Internet. 

Question 5
A FortiDDoS administrator wants the configured minimum threshold to act as a hard, fixed threshold. So, FortiDDoS will start dropping packets and mitigating the traffic as soon as the traffic volume goes above the configured minimum threshold, regardless of the values of the other thresholds. What configuration change can be done to achieve this requirement?

  • A: Setting the SPP to detection mode.
  • B: Changing the adaptive mode to fixed.
  • C: Setting the adaptive limit percentage to 100%.
  • D: Disabling the adaptive limit threshold.

Question 6
The exhibit shows the configuration for the blocking periods.

FortiDDoS has detected an incoming fragmented flood attack in SPP 0.
According to the exhibit, which action does the unit take with the SPP-0 traffic as soon as the attack is detected?

  • A: Incoming fragmented packets from all sources are blocked for at least 60 seconds.
  • B: Incoming fragmented packets from all identified malicious sources are blocked for at least 120 seconds.
  • C: Incoming fragmented packets from all sources are blocked for at least 15 seconds.
  • D: All incoming packets from all sources are blocked for at least 15 seconds.

Question 7
A FortiDDoS device must be deployed as soon as possible in a customer network that is currently under a DDoS attack. Which values are recommended to use for the configured minimum thresholds?

  • A: The factory default values.
  • B: The factory default values increased by a percentage that depends on the customer traffic volume.
  • C: The easy setup values.
  • D: The system recommended values after a one-hour learning period.

Question 8
Which of the following DoS attacks are categorized as bulk volumetric attacks? (Choose two.)

  • A: Slowloris
  • B: HTTP slow read
  • C: SYN flood
  • D: ICMP flood

Question 9
What is the maximum number of service protection profiles (SPPs) supported in a FortiDDoS device?

  • A:
  • B: 4
  • C: 8
  • D: 16

Question 10
A FortiDDoS device is configured to mitigate SYN flood attacks using the SYN cookie mode. What action does it take when it is mitigating a SYN flood attack and a SYN packet from a new source IP address arrives?

  • A: It replies with a SYN/ACK packet containing a cookie value in the TCP sequence field.
  • B: It replies with SYN/ACK packets: one containing the right acknowledge value, the other one with a wrong acknowledge value.
  • C: It replies with a RST packet if the SYN packet does not contain the right cookie in the sequence field.
  • D: It replies with a SYN/ACK packet containing a cookie value in the TCP acknowledge field.


