最新 [2022年11月22日] Fortinet NSE6_FML-6.4リアル試験問題集PDF [Q13-Q34]

最新 [2022年11月22日] Fortinet NSE6_FML-6.4リアル試験問題集PDF

NSE6_FML-6.4練習テスト問題は更新された57問題あります

質問 13
Which two antispam techniques query FortiGuard for rating information? (Choose two.)

A. DNSBL
B. URI filter
C. SURBL
D. IP reputation

正解: A,C

質問 14
What are the configuration steps to enable DKIM signing for outbound messages on FortiMail? (Choose three.)

A. Enable DKIM check in a matching antispam profile
B. Enable DKIM check in a matching session profile
C. Publish the public key as a TXT record in a public DNS server
D. Generate a public/private key pair in the protected domain configuration
E. Enable DKIM signing for outgoing messages in a matching session profile

正解: C,D,E

解説:
DKIM Signing for Outbound Email
* To configure DKIM signing for outgoing messages, you must first generate a public and private key pair for the domain
* DKIM signatures are domain specific
* FortiMail generates and stores the private key, and uses it to generate the DKIM signature
- Download the public key and publish to your external DNS server
- Enable sign outgoing messages with a DKIM signature

質問 15
FortiMail is configured with the protected domain example.com.
Which two envelope addresses will require an access receive rule, to relay for unauthenticated senders? (Choose two.)

A. MAIL FROM: [email protected] RCPT TO: [email protected]
B. MAIL FROM: [email protected] RCPT TO: [email protected]
C. MAIL FROM: [email protected] RCPT TO: [email protected]
D. MAIL FROM: [email protected] RCPT TO: [email protected]

正解: B,D

質問 16
Examine the FortiMail user webmail interface shown in the exhibit; then answer the question below.

Which one of the following statements is true regarding this server mode FortiMail's configuration?

A. The administrator has not made any changes to the default address book access privileges
B. The protected domain-level service settings have been modified to allow access to the domain address book
C. This user's account has a customized access profile applied that allows access to the personal address book
D. The administrator has configured an inbound recipient policy with a customized resource profile

正解: D

解説:
domain address book can be enabled under resource profile which is applied to inbound recipient policy

質問 17
Examine the FortiMail IBE users shown in the exhibit; then answer the question below

Which one of the following statements describes the Pre-registered status of the IBE user [email protected]?

A. The user account has been de-activated, and the user must register again the next time they receive an IBE email
B. The user has completed the IBE registration process but has not yet accessed their IBE email
C. The user has received an IBE notification email, but has not accessed the HTTPS URL or attachment yet
D. The user was registered by an administrator in anticipation of IBE participation

正解: C

質問 18
A FortiMail administrator is investigating a sudden increase in DSNs being delivered to the protected domain for undeliverable email messages. After searching the logs, the administrator identifies that the DSNs were not generated as a result of any outbound email sent from the protected domain.
Which FortiMail antispam technique can the administrator use to prevent this scenario?

A. Spam outbreak protection
B. FortiGuard IP Reputation
C. Spoofed header detection
D. Bounce address tag validation

正解: A

質問 19
Examine the FortiMail recipient-based policy shown in the exhibit; then answer the question below.

After creating the policy, an administrator discovered that clients are able to send unauthenticated email using SMTP. What must be done to ensure clients cannot send unauthenticated email?

A. Configure an access delivery rule to enforce authentication
B. Move the recipient policy to the top of the list
C. Configure an access receive rule to verify authentication status
D. Configure a matching IP policy with SMTP authentication and exclusive flag enabled

正解: A

質問 20
Refer to the exhibit.

Which statement describes the impact of setting the User inactivity expiry time option to 90 days?

A. First time IBE users must register to access their email within 90 days of receiving the notification email message
B. After initial registration, IBE users can access the secure portal without authenticating again for 90 days
C. IBE user accounts will expire after 90 days of inactivity, and must register again to access new IBE email message
D. Registered IBE users have 90 days from the time they receive a notification email message to access their IBE email

正解: C

質問 21
Examine the FortiMail DLP scan rule shown in the exhibit; then answer the question below.

Which of the following statements is true regarding this configuration? (Choose two.)

A. An email must contain credit card numbers in the body, attachment, and subject to trigger this scan rule
B. If an email is sent from [email protected] the action will be applied without matching any conditions
C. An email message containing the words "Credit Card" in the subject will trigger this scan rule
D. An email message containing credit card numbers in the body will trigger this scan rule

正解: C,D

質問 22
Refer to the exhibit.

Which two statements about the mail server settings are true? (Choose two.)

A. FortiMail will enforce SMTPS on all outbound sessions
B. FortiMail will support the STARTTLS extension
C. FortiMail will drop any inbound plaintext SMTP connection
D. FortiMail will accept SMTPS connections

正解: C,D

質問 23
Refer to the exhibit.

Which two statements about the MTAs of the domain example.com are true? (Choose two.)

A. The external MTAs will send email to mx.example.com only if mx.hosted.com is unreachable
B. The PriNS server should receive all email for the example.com domain
C. The higher preference value is used to load balance more email to the mx.example.com MTA
D. The primary MTA for the example.com domain is mx.hosted.com

正解: A,D

質問 24
Refer to the exhibit.

Which configuration change must you make to block an offending IP address temporarily?

A. Add the offending IP address to the user block list
B. Add the offending IP address to the system block list
C. Add the offending IP address to the domain block list
D. Change the authentication reputation setting status to Enable

正解: D

質問 25
Examine the access receive rule shown in the exhibit; then answer the question below.

Which of the following statements are true? (Choose two.)

A. Email matching this rule will be relayed
B. Senders must be authenticated to match this rule
C. Email must originate from an example.com email address to match this rule
D. Email from any host in the 10.0.1.0/24 subnet can match this rule

正解: A,C

質問 26
What three configuration steps are required to enable DKIM signing for outbound messages on FortiMail? (Choose three.)

A. Enable DKIM check in a matching antispam profile
B. Publish the public key as a TXT record in a public DNS server
C. Generate a public/private key pair in the protected domain configuration
D. Enable DKIM check in a matching session profile
E. Enable DKIM signing for outgoing messages in a matching session profile

正解: B,C,D

質問 27
Refer to the exhibit.

Which of the following statements are true regarding the transparent mode FortiMail's email routing for the example.com domain? (Choose two.)

A. If incoming email are undeliverable, FML-1 can queue them to retry again later
B. If outgoing email messages are undeliverable, FML-1 can queue them to retry later
C. FML-1 will use the transparent proxy for incoming sessions
D. FML-1 will use the built-in MTA for outgoing sessions

正解: A,C

質問 28
An organization has different groups of users with different needs in email functionality, such as address book access, mobile device access, email retention periods, and disk quotas.
Which FortiMail feature specific to server mode can be used to accomplish this?

A. Access profiles
B. Resource profiles
C. Domain-level service settings
D. Address book management options

正解: B

質問 29
While reviewing logs, an administrator discovers that an incoming email was processed using policy IDs 0:4:9.
Which two scenarios will generate this policy ID? (Choose two.)

A. FortiMail applies the default behavior for relaying inbound email
B. Email was processed using IP policy ID 4
C. Incoming recipient policy ID 9 has the exclusive flag set
D. FortiMail configuration is missing an access delivery rule

正解: A,D

質問 30
An administrator sees that an excessive amount of storage space on a FortiMail device is being used up by quarantine accounts for invalid users. The FortiMail is operating in transparent mode.
Which two FortiMail features can the administrator configure to tackle this issue? (Choose two.)

A. Bounce address tag verification
B. Automatic removal of quarantine accounts
C. Recipient address verification
D. Sender address rate control

正解: B,D

質問 31
Refer to the exhibit.

What are two expected outcomes if FortiMail applies this antivirus action profile to an email? (Choose two.)

A. The administrator will be notified of the virus detection
B. A replacement message will be added to the email
C. The sanitized email will be sent to the recipient's personal quarantine
D. Virus content will be removed from the email

正解: B,C

質問 32
Which FortiMail option removes embedded code components in Microsoft Word, while maintaining the original file format?

A. Header analysis
B. Content disarm and reconstruction
C. Behavior analysis
D. Impersonation analysis

正解: B

質問 33
Which firmware upgrade method for an active-passive HA cluster ensures service outage is minimal, and there are no unnecessary failovers?

A. Upgrade both units at the same time
B. Upgrade the active unit, which will upgrade the standby unit automatically
C. Upgrade the standby unit, and then upgrade the active unit
D. Break the cluster, upgrade the units independently, and then form the cluster

正解: A

質問 34
......

Fortinet NSE6_FML-6.4問題集で一発合格できる問題を試そう！：https://www.jpntest.com/shiken/NSE6_FML-6.4-mondaishu