Q1. What is Fortinet’s range of next-generation firewall devices called?
Q2. With the explosion of the World Wide Web, the composition of network protocols skewed heavily towards HTTP. What challenge did this shift pose to legacy firewalls?
HTTP request methods were too complex and diverse.
Different web applications used the same HTTP port number, making it difficult for firewalls to distinguish between applications.
Firewalls did not have visibility into HTTP ports.
HTTP was an application layer protocol that relied heavily on TCP.
Q3. What did early packet filter firewalls do when they detected a packet that did not comply with their rules? (Choose two.)
Select one or more:
Silently dropped the packet
Blocked the packet and sent a message to the sender
Launched a DDOS attack on the sender’s IP address
Marked the packet as suspect, but continued to send to the destination IP address
Q4. In network security, what is the purpose of a firewall?
To prevent authorized users from accessing corporate servers
To prevent unauthorized USB devices from being plugged in to a user’s endpoint
To limit the number of users on the network
To control the flow of network traffic
Q5. What additional functionality did second generation firewalls provide that early packet filter firewalls did not?
They looked up the IP address of the sender to determine if the source was on a suspect network.
They examined packet headers to detect if the packet contained viruses.
They were stateless firewalls that allowed rogue packets that did not belong to an existing connection to pass through the firewall.
They observed network connections over time and continuously examined conversations between endpoints.
Q6. What works closely with FortiGate next-generation firewall products to provide the highest level of network security?
Q7. What three key, additional security features do next-generation firewalls provide, that legacy firewalls do not? (Choose three.)
Select one or more:
Intrusion prevention system (IPS)
Web application firewall
Application visibility and control
Packet-filtering based on IP address